66. Crowdstrike chaos, exclusive customer survey reveals financial exposure
HTML-код
- Опубликовано: 5 сен 2024
- In this week’s episode of theCUBE Pod, theCUBE Research analysts John Furrier and Dave Vellante talk about the tumult caused by a significant CrowdStrike update that caused global system outages, affecting critical infrastructure such as hospitals and police departments.
New episodes every Friday. Subscribe for weekly tech analysis.
Spotify: lnkd.in/ge_TNsSX
Apple Podcasts: lnkd.in/gGYj5sUQ
RUclips: lnkd.in/g5NaFcRu
An exclusive survey revealed that 96% of CrowdStrike customers experienced disruptions, prompting 55% to reconsider their reliance on the company. The financial repercussions included a notable decline in CrowdStrike’s stock, while competitors stand to gain.
To see John and Dave in action, follow theCUBE's live event coverage at www.thecube.net/
This incident underscores the urgent need for improved cybersecurity resilience and sparks a broader conversation about the responsibilities of tech firms in safeguarding critical systems. Furrier and Vellante also discuss the political and social turmoil following a failed assassination attempt on former President Trump, emphasizing severe security breaches.
Read more about the current episode of theCUBE Pod siliconangle.c...
This Week in Enterprise:
CrowdStrike breaks the internet and generative AI gets the side eye
CrowdStrike Holdings ended the week with a bang, or more like a whimper from system administrators around the world, as it sort of broke the internet by issuing an update to its software with a defect that took down Windows computers everywhere.
The cybersecurity company issued a workaround, but the incident, which affected banks, airlines and many other businesses, highlighted how fragile information technology systems can be. CrowdStrike’s stock plunged 11% today. Not more? Dan Primack notes that’s because it’s now seen as “integral to the entire internet.”
Raising the stakes for CrowdStrike, consolidation is continuing in cybersecurity. Alphabet may buy Wiz, as big tech companies such as Google and Cisco look to make a play in cybersecurity versus pure plays.
Also on the acquisition front, GitLab reportedly could get bought by Datadog. DevSecOps and observability may be a good match, though with a market cap of $8.5 billion now, GitLab would be a big gulp for Datadog, so a deal isn’t certain. Other exits such as initial public offerings remain scarce, which makes OneStream’s IPO plans interesting: Is it a one-shot wonder or will it open up software-as-a-service company offerings?
Generative artificial intelligence got the side eye this week from a number of quarters, but big money keeps rolling in. It’s certainly juicing the profits of chip and server makers, as Gartner just upped its server market forecast on gen AI business. Meantime, OpenAI is apparently talking with Broadcom to design an AI chip. At the same time, though further restrictions this week on chip tech going to China tanked semiconductor stocks.
Check out the full article siliconangle.c...
For daily news for CIOs, check out our parent publication at siliconangle.com/
Watch the full lineup of theCUBE Pod • theCUBE Pod with John ...
People mentioned in this podcast:
Lina Khan, chair of the Federal Trade Commission
George W. Bush, 43rd U.S. president
JD Vance, U.S. senator
John F. Kennedy, 35th U.S. president
Joe Biden, 46th U.S. president
Nikki Haley, former governor of South Carolina
Kristen Nicole Martin, director of content operations at theCUBE
Marco Rubio, U.S. senator
Ron DeSantis, governor of Florida
Ted Cruz, U.S. senator
Donald Trump, 45th United States president
Satya Nadella, chairman and CEO of Microsoft
George Kurtz, CEO of CrowdStrike
Rob Strechay, managing director and principal analyst at theCUBE Research
Christophe Bertrand, principal analyst at theCUBE Research
Bob Laliberte, principal analyst at theCUBE Research
Pat Gelsinger, CEO of Intel
Todd McKinnon, CEO of Okta
Nicholas G. Carr, American journalist and writer
Matt Garman, CEO of AWS
Kevin Mandia, CEO of Mandiant
Jeff Bezos, chairman at Amazon
Hock Tan, president and CEO of Broadcom
Ben Reitzes, managing director at Melius Research
Safra Catz, CEO at Oracle Corp.
Rob Hof, editor-in-chief at SiliconANGLE Media
Lisa Spelman, corporate VP and GM of Intel Xeon products at Intel
Zhamak Dehghani, founder and CEO of Nextdata
Benoit Dageville, president of product and co-founder at Snowflake
Swami Sivasubramanian, VP of AI and data at AWS
#theCUBE #theCUBEPod #theCUBEResearch #ThisWeekInEnterprise #infrastructure #cybersecurity #CyberResilience
Great to hear two different views from informed people who can discuss it reasonably (if only politics was like that). Might the "Crowdstrike chaos" problem, or part of it, be that Microsoft has no way to roll out a change to a small region, then a larger region if that goes well enough, and larger regions until it's everywhere? A search only got relevant results from years ago, with complaints about Microsoft using some customers as "guinea pigs" for untested software.
What I've heard so far is - Crowdstrike made their on-device software a driver, even though there's no hardware device for it to drive, because drivers are included in the kernel. It's marked as a boot-start driver, which means it must be installed to start the system, so you can't roll back to a previous good state. To avoid the delay of getting an updated driver certified, Crowdstrike updates definition files which their driver reads. It's speculated that the definition files include p-code, with the driver acting as a code interpreter, which to me seems like a workaround for bypassing certification. One of the crash dumps shared on twitter shows the immediate cause of the crash was a memory pointer set to 9C Hex (with some zeros in front), which I'm guessing was too low to point to valid data. Errors like that in the kernel get the Blue Screen of Death because continuing has risks like corrupting files. It's claimed that the cause of the invalid pointer was loading a file full of zeros, at some prior stage. The retired Microsoft software engineer on "Dave's Garage" said Crowdstrike's driver seemed to have low resilience, with inadequate error-checking and parameter validation, making it less able to flag an error without bringing the system down.
Are tariffs inflationary? Are higher interest rates due to inflation bad for SV?
Warren Buffett once said: never one cockroach