Why CrowdStrike's Baffling BSOD Disaster Was Avoidable

Risky Business host Patrick Gray talks to SentinelOne's Chris Krebs and Alex Stamos about CrowdStrike's baffling failure and what it means for the wider security industry, government regulation and more. SentinelOne is a direct CrowdStrike competitor but this is a wide ranging chat about the can of worms the BSOD incident has opened.
Comments

I completely agree with Alex on this one. It’s unacceptable for a cybersecurity company to cause an outage / cyber incident that affects the availability of most of its customers, and effectively affecting the world.


There are many lessons even for us to learn from this event and there are better protocols and practices to prevent this incident that were not done.

Miglen

First time seeing Patrick's face. I always imagined he looked like the EEVBlog guy.

mgjk

8 mins in Airlock Digital and Silvio Cesare mention - it's a small world

mhackling

Machines in our office only blue-screened once or twice; none of them required intervention to resolve the issue. Perhaps CrowdStrike did do basic smoke testing of the update but saw no issues.

andythebritton

"It's not true that this could happen to anyone"
Until it does, that is. There's no 100% error proof technology.

I believe the update was tested and flagged as buggy by Crowdstrike, but some human error (which should not have been allowed) made it go through anyways.

That said: the thing that absolutely surprised me is that they did not release the update to a small subset of endpoints and gather telemetry back before rolling it out to every other customer.

Ironfranko

Loving the iSEC Partners shout out at the start!

aarongrattafiori

Jeez, why have the competition on the video. This is why you need to do business with Sentinel One sales pitch.

drbrycedavis

So, this opened with “let’s talk to competitors of Crowdstrike talk smack about Crowdstrike” and then they did. These guys are great guys, but they have a vested (literally financial) interest in tearing them down. This shoots your credibility completely. I used to work there and ACTUALLY know things were done there when I was there. These guys don’t. Note: I do not have any interests in either of these companies. About interviewing people who are above reproach on this topic.

mikeconvertino

Would love to hear this discussion consider the responsibility of global enterprises to test before enabling the rollout of an automated update to millions of critical path systems. Do these enterprise IT shops really not use any sort of tiered deployment? Did they really fail to perform the simplest "my brother in law is an IT guy" tests on even a single air-gapped PC? Think: "Hey Joe, install this pending update, reboot and tell me what happens". Simplistic questions, no doubt.

Not apologizing for Crowdstrike or MSFT, but it feels like the responsibility for this goes beyond those 2 vendors.

markriffey

this could happen to anybody that uses crowdstrike

icantseethis

main takeaway for a lot of CEOs will be that they don’t need QA teams. we need to hold crowdstrike accountable or live with even shittier products for the rest of our life

kautzz

The whole video is what you emphasized it wouldn't be, ambulance chasing. Lowest type of marketing, definitely not talking to S1 reps

DailyWisdom

Terribly biased episode. Shame from a podcast I hold in high esteem.

AdventuresinCyber