Some good may come out of the CrowdStrike outage
Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well.
As CrowdStrike was forced to explain, in great detail, how it rolls out updates for its Falcon Sensors, what testing it performs beforehand, and how it plans to improve the whole process to prevent similar accidents from happening in the future, other cybersecurity vendors - such as Fortinet, Secureworks, and Bitdefender - have spelled out their own software and content update release processes.
David Weston, VP of Enterprise and OS Security at Microsoft, has penned a post explaining why security vendors leverage a kernel driver architecture: for system-wide visibility, to detect bootkits and rootkits, for faster data collection and analysis, and for tamper resistance.
"Security vendors can use minimal sensors that run in kernel mode for data collection and enforcement limiting exposure to availability issues. The remainder of the key product functionality includes managing updates, parsing content, and other operations can occur isolated within user mode where recoverability is possible," he said, and outlined Windows' user mode protections vendors can use to protect their key security processes and maintain event visibility.
Based on publicly available data, UpGuard has compiled a list of companies that have been affected by the CrowdStrike Falcon incident - and it's long.
On Thursday, CrowdStrike said that over 97% of its Windows Falcon Sensors were back online.
News URL
https://www.helpnetsecurity.com/2024/07/29/crowdstrike-outage-positive-effects/