
CrowdStrike criticizes attacks by competitors seeking profit

After a software update error that paralyzed 8.5 million PCs worldwide a few weeks ago, CrowdStrike is facing criticism from competitors. However, the security company is defending itself against the “shady” attempts of its competitors to gain market share.

The long-term consequences of a mega-failure

CrowdStrike, one of the leading providers of cybersecurity solutions, is coming under increasing pressure after a serious IT outage. As the Financial Times reported, the company is now vehemently defending itself against criticism and poaching attempts by competitors. On July 19, 2024, CrowdStrike distributed a faulty configuration update for its Falcon sensor software, which runs on Windows PCs and servers. A minimal change in a configuration file caused an out-of-bounds memory access in the Windows sensor client.

This in turn led to an invalid page fault that forced millions of devices worldwide into a boot loop or into recovery mode. Or in short: the Blue Screen of Death. The impact was immense: an estimated 8.5 million Windows devices were affected, including systems in hospitals and airlines. Delta Air Lines had to cancel 6,000 flights due to the IT outage and estimates the damage at around $500 million. The company has since threatened legal action, but no lawsuit has yet been filed.

Since then, CrowdStrike has been trying – quite successfully and aggressively – to limit the damage. President Michael Sentonas defended his company to the Financial Times and described the competitors’ attempts to profit from the incident as “shady” and “misleading”. He stressed that no other security provider could guarantee that a similar incident would never happen with its own product.

Industry against CrowdStrike

Competitor SentinelOne was particularly harsh in its criticism of CrowdStrike. CEO Tomer Weingarten described the global outage as the result of “poor design decisions” and a “risky architecture” at CrowdStrike. Trellix CEO Bryan Palma also took the opportunity to emphasize his company’s conservative approach.

The criticism from competitors focuses primarily on CrowdStrike’s use of kernel mode. While this approach allows for deeper integration into Windows systems and thus potentially offers better protection, it also carries risks – as was seen in mid-July. However, Sentonas defends the decision to continue working in kernel mode: “The reason we are in the kernel is because it gives us the ability to get visibility into everything that is happening in the system. It means we can protect the security product and also that we can act quickly – and it is a very common way of working across the industry.”

Financial impact and market reaction

The impact of the incident is also being felt on the stock market. While the shares of competitors such as SentinelOne and Palo Alto Networks have risen significantly since the incident, CrowdStrike has lost almost a quarter of its market value.

Nikesh Arora, CEO of Palo Alto Networks, reports increased interest from potential customers: “It’s exciting because customers are willing to consider us.” IT research firm Gartner estimates that CrowdStrike’s share of revenue in the endpoint security market for enterprises last year was only surpassed by Microsoft and was more than double that of its nearest competitor, Trellix.

Lessons and consequences

CrowdStrike itself has announced various improvements in response to the incident. New testing mechanisms and staggered updates are to be introduced to prevent a repeat of the massive outage. Nevertheless, the company is sticking to its strategy of working in kernel mode. Despite the current turmoil, Sentonas is convinced that CrowdStrike will emerge from the crisis stronger:

“I am absolutely certain that we will be a much stronger organization after something happened that should never have happened.” He said that many customers now see CrowdStrike as the most “battle-tested” security product in the industry.
