CrowdStrike Changes Software Update System After Widespread Outage

A top CrowdStrike executive appeared before Congress on Tuesday to address the company’s massive July service outage and the steps taken since then.

Speaking to the House Committee on Homeland Security, CrowdStrike senior VP for Counter Adversary Operations Adam Meyers outlined steps the company has taken since a botched software update crippled systems around the world.

“Despite our strong track record, we let our customers down,” said Meyers.

“I can assure you that we continue to approach this with a great sense of urgency.”

News Spotlight: CrowdStrike outage

Among the largest changes CrowdStrike implemented since the outage is the way updates are pushed out, Meyers explained. Under its new scheme, Crowdstrike will utilize a tier system that customers will have to opt into.

Once an update undergoes internal “dog food” testing on CrowdStrike’s own systems, updates will be sent out to the “early adopter” tier. This level is intended for non-critical systems or for administrators who want to test the updates ahead of pushing them to the full company.

From there, the update will reach a “general availability” tier intended to cover the majority of CrowdStrike customers. The idea is that once the update reaches this phase, it will have been trialed not only by CrowdStrike, but also by a number of outside systems.

Those who wish to further test their updates for fear of taking down critical systems can opt to wait even longer for a third tier, or simply install their security software updates manually.

One thing CrowdStrike does not plan to do is remove itself from the kernel mode access that was at the heart of the July outage. Meyers said that having visibility into the Windows kernel is essential for security software as it prevents malware from getting into the lowest levels of the system and disabling security protections.

“While we have fixed the issue that lead to this incident, there are many other threats on the horizon,” Meyers told Congress.

The hearing itself was a fairly friendly matter, as the committee members opted not to grill Meyers over CrowdStrike’s shortcomings. On more than one occasion, the Congress members praised the security vendor and emphasized that they simply wanted to get a better understanding of what happened and what is being done to prevent it from happening again.

“The bottom line is we need CrowdStrike to be effective and successful, because its effectiveness and success is essential for the success of the companies it protects,” said Rep. Eric Swalwell, D-Calif.

READ MORE HERE