The U.S. Securities and Exchange Commission filed a joint motion on Nov. 20, 2025 and asked the court to voluntarily dismiss its enforcement action against SolarWinds Corp. and the company’s chief information security officer, Timothy G. Brown; the court docket is available here.
The SEC originally charged SolarWinds and Brown in October 2023 with fraud and internal control failures, alleging the company overstated its cybersecurity practices, understated or failed to disclose known risks, and ignored repeated red flags that left assets inadequately protected, according to the agency’s enforcement release.
Many of those allegations were rejected by the U.S. District Court for the Southern District of New York in July 2024, with the court finding the claims did not plausibly plead actionable deficiencies and relied on hindsight and speculation; the underlying breach was a 2020 supply‑chain compromise attributed to the state‑sponsored actor APT29.
The SEC said the decision to seek dismissal ‘does not necessarily reflect the Commission’s position on any other case.’ SolarWinds’ chief executive Sudhakar Ramakrishna said the development marks the end of an era for the company and emphasized it is stronger and better prepared, in remarks posted on the company site.