Artwork

Contenu fourni par Eficode. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Eficode ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !

CrowdStrike root cause analysis

22:17
 
Partager
 

Manage episode 435191717 series 3448482
Contenu fourni par Eficode. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Eficode ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.

Send us a text

Marc and Darren discuss the recent CrowdStrike root cause analysis (RCA) following a significant incident where an update to their Falcon sensor caused around 8 million Windows computers to crash.
The incident was traced back to an error in the software update that expected 20 inputs but received 21, leading to widespread blue screen crashes. The importance of thorough testing, including exploratory and canary testing, to catch issues before widespread deployment is covered by Marc and Darren, who also discuss the pressures in security software development. Rapid responses are critical, and this can lead to oversights.
One of the key takeaways is the high quality and transparency of CrowdStrike's RCA, which provided a detailed timeline, technical explanations, and a third-party review. Marc and Darren advocate for shifting from traditional "root cause analysis" to a "contributing factors analysis" to avoid placing blame and encourage open communication and learning from mistakes.
In this insightful episode, find out why fostering a generative organizational culture that encourages learning and transparency is so important, especially in security-focused development environments.
Watch our webinar to see how DevOps practices and tools help you integrate security and compliance into your software development: https://www.eficode.com/events/compliance-and-security-in-the-devops-world
Take our DevSecOps assessment to reveal where you are and how to secure your pipelines, toolchain, and products both now and in the future: https://www.eficode.com/services/devsecops-assessment

  continue reading

169 episodes

Artwork
iconPartager
 
Manage episode 435191717 series 3448482
Contenu fourni par Eficode. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par Eficode ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.

Send us a text

Marc and Darren discuss the recent CrowdStrike root cause analysis (RCA) following a significant incident where an update to their Falcon sensor caused around 8 million Windows computers to crash.
The incident was traced back to an error in the software update that expected 20 inputs but received 21, leading to widespread blue screen crashes. The importance of thorough testing, including exploratory and canary testing, to catch issues before widespread deployment is covered by Marc and Darren, who also discuss the pressures in security software development. Rapid responses are critical, and this can lead to oversights.
One of the key takeaways is the high quality and transparency of CrowdStrike's RCA, which provided a detailed timeline, technical explanations, and a third-party review. Marc and Darren advocate for shifting from traditional "root cause analysis" to a "contributing factors analysis" to avoid placing blame and encourage open communication and learning from mistakes.
In this insightful episode, find out why fostering a generative organizational culture that encourages learning and transparency is so important, especially in security-focused development environments.
Watch our webinar to see how DevOps practices and tools help you integrate security and compliance into your software development: https://www.eficode.com/events/compliance-and-security-in-the-devops-world
Take our DevSecOps assessment to reveal where you are and how to secure your pipelines, toolchain, and products both now and in the future: https://www.eficode.com/services/devsecops-assessment

  continue reading

169 episodes

كل الحلقات

×
 
Loading …

Bienvenue sur Lecteur FM!

Lecteur FM recherche sur Internet des podcasts de haute qualité que vous pourrez apprécier dès maintenant. C'est la meilleure application de podcast et fonctionne sur Android, iPhone et le Web. Inscrivez-vous pour synchroniser les abonnements sur tous les appareils.

 

Guide de référence rapide