Security Hot Takes: CrowdStrike Outage Post-mortem
by Bri Frost, Aaron Rosenmund and Michael Teske
So, CrowdStrike blew up the internet! But what really happened and why was the impact so big? We’ll take you through the what, how and why of the CrowdStrike outage and cover some lessons we can all learn from the event.
What you'll learn
On July 19 2024, CrowdStrike pushed an update to security sensors on customer networks. The update contained “problematic content” on Windows devices that wasn’t identified by its internal testing processes. This led to a Windows ‘Stop Error’, or Blue Screen of Death (BSOD), on any device that received the update. Companies worldwide ground to a halt - airports halted flights and hospitals postponed medical procedures. But why? In this course you’ll learn what went wrong, why the impact was so widespread, and how it was fixed. You’ll also understand why a relatively small update had such a significant impact, and what we can learn from this type of incident.
About the authors
Bri is a renowned expert with 7 years of experience in the field of Cybersecurity and IT, bringing a unique perspective to the table. As the Director of Security Curriculum and Research at Pluralsight, Bri is instrumental in developing the cutting-edge cybersecurity curriculum and content strategy. With a wealth of knowledge as an author of Pluralsight training content, she infuses a "red-team" or attacker-focused mindset into her teachings to grasp security concepts and defense strategies effec... moretively.
Bri holds a bachelor's degree in InfoSystems and Technologies and is certified with Security+ and Pentest+ credentials.
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur... moreity workforce and technologies for business and national enterprises alike. In support of the Air National Guard, he contributes those skills part time in various initiatives to defend the nation in cyberspace. Certifications: GIAC GCIA, GIAC GCED, CCNA Cyber Operations, Pentest+, CySa+, CASP
www.AaronRosenmund.com
@arosenmund
"ironcat"
Michael Teske is a principal security author with Pluralsight helping people build their skills toolkit. Michael has 25+ years of experience in the IT Ops/Cloud/Cybersecurity industry including 17 of those years as an IT instructor at a technical college, focusing on Microsoft server infrastructure, security and automation. Michael attained his MBA with an emphasis in Computer Information System Security several years ago. Michael still keeps up with the industry as an independent consultant in ... morehis spare time. Michael finds personal and professional growth by helping others discover the world of technology by sharing his passion as a tech enthusiast in all aspects. He understands the worker shortage in the cybersecurity space and continues to be an advocate for an industry that has provided a fulfilling career for himself.