Click Here 153. Mic Drop: CrowdStrike and the importance of kernels
Aug 2, 2024
TJ Nelson, a threat intelligence expert at Recorded Future, dives into the recent CrowdStrike outage that left millions in the dark. He examines how this incident impacted critical sectors like banking and healthcare. The conversation highlights the vital role of kernel-level software in security frameworks and the dangers of software update failures, showcasing how a simple logic error led to widespread chaos. Nelson also discusses the importance of rigorous quality assurance and the ongoing challenges of software vulnerabilities in today's digital world.
AI Snips
Chapters
Transcript
Episode notes
Kernel Importance in Security Software
- Falcon software operates at the kernel level, the core of the operating system responsible for booting and overall function.
- Problems at the kernel level can cause serious system-wide failures, such as the blue screen of death.
CrowdStrike's Faulty Software Update
- On July 19, CrowdStrike's Falcon software update contained a bug causing 8.5 million computers worldwide to crash repeatedly.
- The faulty update affected the kernel level, preventing computers from booting correctly.
Prevent Software Update Failures
- Companies must rigorously test software updates through manual, automatic, and sandbox simulations to prevent glitches.
- Employ rolling updates and quick rollbacks to minimize impact and catch issues before wide deployment.