Security News

CrowdStrike has hired two outside security firms to review the Falcon sensor code that sparked a global IT outage last month - but it may not have an awful lot to find, because CrowdStrike has identified the simple mistake that caused the incident. The update went through the usual development and testing, and then CrowdStrike pushed a new "Template Type" including the IPC-related info to its Falcon sensors in a "Channel File" numbered 291.

The legal spars between Delta Air Lines and CrowdStrike are heating up, with the cybersecurity firm claiming that Delta's extended IT outage was caused by poor disaster recovery plans and the...

"Delta's public threat of litigation distracts from this work and has contributed to a misleading narrative that CrowdStrike is responsible for Delta's IT decisions and response to the outage," the letter reads. "Should Delta pursue this path, Delta will have to explain to the public, its shareholders, and ultimately a jury why CrowdStrike took responsibility for its actions - swiftly, transparently, and constructively - while Delta did not."

Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the...

In what will likely be one of many class-action complaints against the embattled IT security firm, a retirement association has accused CrowdStrike, its CEO George Kurtz, and CFO Burt Podbere of defrauding it and fellow shareholders by making false and misleading statements about the biz's Falcon endpoint defense software. CrowdStrike and its top execs "Repeatedly touted the efficacy of the Falcon platform while assuring investors that CrowdStrike's technology was 'validated, tested, and certified,'" the Plymouth County Retirement Association's lawsuit [PDF], filed this week in Texas federal court, reads.

Delta Air Lines lost hundreds of millions of dollars due to the CrowdStrike outage earlier this month - and it has hired a high-powered law firm to claw some of those lost funds back, potentially from the Falcon maker and Microsoft itself. CNBC broke the news yesterday that Delta had hired famed lawyer David Boies to look into what the airline could do to recoup as much as an estimated $500 million in operational losses due to the July 19 CrowdStrike outage.

While CrowdStrike has since deployed a fix, it's understandable for businesses to be wary of CrowdStrike as a viable EDR provider given the scale of the incident. In this article, we take a look at the best CrowdStrike alternatives and competitors for you and your organization.

Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well. As CrowdStrike was forced to explain, in great detail, how they roll out updates for its Falcon Sensors, what testing they perform beforehand, and how they plan to improve the whole process to prevent similar accidents from happening in the future, other cybersecurity vendors - such as Fortinet, Secureworks, and Bitdefender - have spelled out their own software and content update release processes.

Redmond shared a technical incident response write-up on Saturday - titled "Windows Security best practices for integrating and managing security tools" - in which veep for enterprise and OS security David Weston explained how Microsoft measured the impact of the disaster: By accessing crash reports shared by customers. Weston's post justifies how Windows performed, on the grounds that kernel-level drivers - like those employed by CrowdStrike - can improve performance and prevent tampering with security software.

Microsoft has admitted that its estimate of 8.5 million machines crashed by CrowdStrike's faulty software update was almost certainly too low, and vowed to reduce infosec vendors' reliance on the kernel drivers at the heart of the issue. Redmond posted an incident response blog on Saturday - titled "Windows Security best practices for integrating and managing security tools" - in which veep for enterprise and OS security David Weston explained how Microsoft measured the impact of the incident: by accessing crash reports shared by customers.