Offline dengan aplikasi Player FM !
CrowdStrike root cause analysis
Manage episode 435191717 series 3448482
Marc and Darren discuss the recent CrowdStrike root cause analysis (RCA) following a significant incident where an update to their Falcon sensor caused around 8 million Windows computers to crash.
The incident was traced back to an error in the software update that expected 20 inputs but received 21, leading to widespread blue screen crashes. The importance of thorough testing, including exploratory and canary testing, to catch issues before widespread deployment is covered by Marc and Darren, who also discuss the pressures in security software development. Rapid responses are critical, and this can lead to oversights.
One of the key takeaways is the high quality and transparency of CrowdStrike's RCA, which provided a detailed timeline, technical explanations, and a third-party review. Marc and Darren advocate for shifting from traditional "root cause analysis" to a "contributing factors analysis" to avoid placing blame and encourage open communication and learning from mistakes.
In this insightful episode, find out why fostering a generative organizational culture that encourages learning and transparency is so important, especially in security-focused development environments.
Watch our webinar to see how DevOps practices and tools help you integrate security and compliance into your software development: https://www.eficode.com/events/compliance-and-security-in-the-devops-world
Take our DevSecOps assessment to reveal where you are and how to secure your pipelines, toolchain, and products both now and in the future: https://www.eficode.com/services/devsecops-assessment
170 episode
Manage episode 435191717 series 3448482
Marc and Darren discuss the recent CrowdStrike root cause analysis (RCA) following a significant incident where an update to their Falcon sensor caused around 8 million Windows computers to crash.
The incident was traced back to an error in the software update that expected 20 inputs but received 21, leading to widespread blue screen crashes. The importance of thorough testing, including exploratory and canary testing, to catch issues before widespread deployment is covered by Marc and Darren, who also discuss the pressures in security software development. Rapid responses are critical, and this can lead to oversights.
One of the key takeaways is the high quality and transparency of CrowdStrike's RCA, which provided a detailed timeline, technical explanations, and a third-party review. Marc and Darren advocate for shifting from traditional "root cause analysis" to a "contributing factors analysis" to avoid placing blame and encourage open communication and learning from mistakes.
In this insightful episode, find out why fostering a generative organizational culture that encourages learning and transparency is so important, especially in security-focused development environments.
Watch our webinar to see how DevOps practices and tools help you integrate security and compliance into your software development: https://www.eficode.com/events/compliance-and-security-in-the-devops-world
Take our DevSecOps assessment to reveal where you are and how to secure your pipelines, toolchain, and products both now and in the future: https://www.eficode.com/services/devsecops-assessment
170 episode
Semua episode
×Selamat datang di Player FM!
Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.