You are viewing a single thread.
View all comments View context
3 points
*

The CTO of a competitor, Sentinel one, was just on the security podcast Risky buisness. He went deep into how his company does this.

Apprently, their client touches the kernel much less, so it is less likely to cause issues. They also have a large internal test bed that updates have to pass to go out at all, and then if they have a 2% failure rate during the wide deployment, the update is automatically stopped.

Crowdstrike does almost none of this. There core client is deep in the kernel, making it powerful and dangerous. They apprently do test on their local machines, but the company is an apple shop, so none of the windows updates was tested locally. The updates pushed out started crashing computers immediately, but weren’t stopped for 78 minutes by manual intervention. That was long enough to crash 8 million computers across the world.

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 17K

    Monthly active users

  • 6.1K

    Posts

  • 131K

    Comments