Artwork

Conteúdo fornecido por Eficode. Todo o conteúdo do podcast, incluindo episódios, gráficos e descrições de podcast, é carregado e fornecido diretamente por Eficode ou por seu parceiro de plataforma de podcast. Se você acredita que alguém está usando seu trabalho protegido por direitos autorais sem sua permissão, siga o processo descrito aqui https://pt.player.fm/legal.
Player FM - Aplicativo de podcast
Fique off-line com o app Player FM !

CrowdStrike root cause analysis

22:17
 
Compartilhar
 

Manage episode 435191717 series 3448482
Conteúdo fornecido por Eficode. Todo o conteúdo do podcast, incluindo episódios, gráficos e descrições de podcast, é carregado e fornecido diretamente por Eficode ou por seu parceiro de plataforma de podcast. Se você acredita que alguém está usando seu trabalho protegido por direitos autorais sem sua permissão, siga o processo descrito aqui https://pt.player.fm/legal.

Send us a text

Marc and Darren discuss the recent CrowdStrike root cause analysis (RCA) following a significant incident where an update to their Falcon sensor caused around 8 million Windows computers to crash.
The incident was traced back to an error in the software update that expected 20 inputs but received 21, leading to widespread blue screen crashes. The importance of thorough testing, including exploratory and canary testing, to catch issues before widespread deployment is covered by Marc and Darren, who also discuss the pressures in security software development. Rapid responses are critical, and this can lead to oversights.
One of the key takeaways is the high quality and transparency of CrowdStrike's RCA, which provided a detailed timeline, technical explanations, and a third-party review. Marc and Darren advocate for shifting from traditional "root cause analysis" to a "contributing factors analysis" to avoid placing blame and encourage open communication and learning from mistakes.
In this insightful episode, find out why fostering a generative organizational culture that encourages learning and transparency is so important, especially in security-focused development environments.
Watch our webinar to see how DevOps practices and tools help you integrate security and compliance into your software development: https://www.eficode.com/events/compliance-and-security-in-the-devops-world
Take our DevSecOps assessment to reveal where you are and how to secure your pipelines, toolchain, and products both now and in the future: https://www.eficode.com/services/devsecops-assessment

  continue reading

169 episódios

Artwork
iconCompartilhar
 
Manage episode 435191717 series 3448482
Conteúdo fornecido por Eficode. Todo o conteúdo do podcast, incluindo episódios, gráficos e descrições de podcast, é carregado e fornecido diretamente por Eficode ou por seu parceiro de plataforma de podcast. Se você acredita que alguém está usando seu trabalho protegido por direitos autorais sem sua permissão, siga o processo descrito aqui https://pt.player.fm/legal.

Send us a text

Marc and Darren discuss the recent CrowdStrike root cause analysis (RCA) following a significant incident where an update to their Falcon sensor caused around 8 million Windows computers to crash.
The incident was traced back to an error in the software update that expected 20 inputs but received 21, leading to widespread blue screen crashes. The importance of thorough testing, including exploratory and canary testing, to catch issues before widespread deployment is covered by Marc and Darren, who also discuss the pressures in security software development. Rapid responses are critical, and this can lead to oversights.
One of the key takeaways is the high quality and transparency of CrowdStrike's RCA, which provided a detailed timeline, technical explanations, and a third-party review. Marc and Darren advocate for shifting from traditional "root cause analysis" to a "contributing factors analysis" to avoid placing blame and encourage open communication and learning from mistakes.
In this insightful episode, find out why fostering a generative organizational culture that encourages learning and transparency is so important, especially in security-focused development environments.
Watch our webinar to see how DevOps practices and tools help you integrate security and compliance into your software development: https://www.eficode.com/events/compliance-and-security-in-the-devops-world
Take our DevSecOps assessment to reveal where you are and how to secure your pipelines, toolchain, and products both now and in the future: https://www.eficode.com/services/devsecops-assessment

  continue reading

169 episódios

Todos os episódios

×
 
Loading …

Bem vindo ao Player FM!

O Player FM procura na web por podcasts de alta qualidade para você curtir agora mesmo. É o melhor app de podcast e funciona no Android, iPhone e web. Inscreva-se para sincronizar as assinaturas entre os dispositivos.

 

Guia rápido de referências