Secure by Design

Leading the way to safer IT

Introducing Secure by Design

Secure by Design is our guiding principle for how we approach security and cyber resiliency at SolarWinds. Consisting of several key principles, we’re working to create a more secure environment and build system centered around transparency and maximum visibility.

Our guiding principles:

  • Develop a resilient build environment called our Next-Generation Build System
  • Build out a community approach to support cyber resiliency
  • Improve overall security through transparency
  • Build out a security team to conduct frequent red and purple teaming and auditing in the middle of builds
  • Increase efforts to gain more visibility into systems and processes
  • Go beyond zero trust with an “assume breach” mindset

You can learn more about Secure by Design by reading our FAQ.

Watch the SolarWinds Day panel with CISA and guests

At SolarWinds Day, SolarWinds head of Government Affairs Chip Daniels led a conversation with industry experts on how companies must work collaboratively to strengthen the security of the nation’s shared cyberinfrastructure. SolarWinds President and CEO Sudhakar Ramakrishna, along with Congressman Darrell Issa (R-CA), Congressman Raja Krishnamoorthi (D-IL), and CISA Executive Assistant Director for Cybersecurity Eric Goldstein, discussed the National Cybersecurity Strategy, centering on the ways robust public-private partnerships are needed to strengthen the security of our nation’s cyberinfrastructure.

In this video, you’ll learn about SolarWinds self-attestation for the U.S. Department of Commerce National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF) and the recently released National Cybersecurity Strategy.

The need for leading-edge software supply chain security

Despite the security of the software supply chain being fundamental to ensuring the fortification of modern applications, supply chain attacks often go undetected. In this Q&A between IDC and SolarWinds, we drill down into what you need to know about software supply chain security, including what it is, the current state of the supply chain, and how organizations can get started addressing supply chain security.

Achieving an assume breach culture within your organization: A complete guide from adoption to implementation

Does adopting an assume breach mindset makes sense for your business? This whitepaper discusses the current state of breaches, key considerations for building a security strategy, and what we’ve learned in our journey of adopting an assume breach mindset with observability.

Embracing assume breach

When adopting a zero-trust culture, you’re determining a way to effectively reduce attack aperture and risk. We’ve taken zero trust a step further to an assume breach position, a mindset enabling organizations to identify and address gaps in the detection and prevention of attacks; the response to an attack and penetration; the recovery from an attack, tamper, or leak; and the prevention of future attacks or breaches.

The approach is designed to securely connect the right users to the right data at the right time under the right conditions while protecting the organization from cyber threats in a highly volatile environment. Operating with this assumption reshapes detection and response strategies and pushes the limits of any organization’s infrastructure, people, processes, and technologies, leading to improved cyber resiliency.

To learn more, you can read our blog post summary and watch this video of SolarWinds CISO and VP, Security Tim Brown speaking with Adam Meyers from CrowdStrike at VentureBeat’s Intelligent Security Summit.

Building cyber resiliency through Secure by Design

Our Secure by Design mentality will span across our entire portfolio of software solutions to provide our customers with the assurance they need and support their own cyber resiliency.

Software supply chain management: Lessons learned from SolarWinds

In this podcast episode, SolarWinds CISO and VP, Security Tim Brown explains our Next-Generation Build System and how it can serve as an industry model for secure software development and help make supply chain attacks more difficult.

The future of software supply chain security with SolarWinds

SolarWinds CISO and VP, Security Tim Brown weighs in on the findings presented in “The Need for Leading Edge Software Supply Chain Security,” a Q&A between SolarWinds and IDC. In his blog post, Brown details what we’re doing at SolarWinds to further secure our supply chain and improve security efforts for ourselves and our customers.

Key lessons for building secure and resilient ecosystems from the Forbes CIO Summit

How can organizations protect themselves from more sophisticated and patient cyberattackers? At the Forbes CIO Summit, SolarWinds CISO and VP, Security Tim Brown spoke about the sophistication level of adversaries and how to minimize future security risks.

Secure by Design in the news

It’s no longer enough to simply chase after an improved security posture.

The sophistication of security threats today requires evolved processes and operations to mitigate and proactively combat risk. Gather cybersecurity insights and best practices from our thought leaders.