It is incredible that crowdstrike is still operating as a business.
It is also hard to understand why companies continue to deploy shoddy, malware-like "security" software that decreases reliability while increasing the attack surface.
Basically you need another laptop just to run the "security" software.
Ever since Crowdstrike fucked up and took out $10 billion worth of Windows PCs with a bad patch, most of the security folks I know have come around to the view that it is an overall liability. Something lighter-touch carries less risk, even if it isn't quite as effective.
there's a few different reasons:
- its pushed by gov (it gives full access to machines, huge backdoor)
- its not actually the worst of its kind, sadly
- their threat database is good (ie it will catch stuff)
- it lets you look at everything on the machine (not the only one, but, its def. useful)
- its big - cant be faulted for "we had it and we got pwned" - yep, sad as well
If operating systems weren't as poop as they are today, this would not be necessary - but here we are. And I bet you major OS manufacturers will not really fix their OSes without ensuring its just a fully walled garden (terrible for devs.. but you'll probably just run a linux vm for dev on top..). Bad intents lead to bad software.
It is incredible that crowdstrike is still operating as a business.
It is also hard to understand why companies continue to deploy shoddy, malware-like "security" software that decreases reliability while increasing the attack surface.
Basically you need another laptop just to run the "security" software.