Tiered updates will see the vendor test before sending out.
CrowdStrike has implemented a tier system for updates that customers will have to opt into.
CrowdStrike senior VP for Counter Adversary Operations Adam Meyers outlined steps that the company has taken since the July update affected systems around the world before Congress yesterday.
According to SC US, Meyers admitted that “despite our strong track record, we let our customers down” and assured Congress that it is continuing “to approach this with a great sense of urgency.”
With updates, once these are tested internally on CrowdStrike’s own systems, updates will be sent out to the "early adopter" tier: a level intended for non-critical systems, or for administrators who want to test the updates ahead of pushing them to the full company.
From there, the update will reach a "general availability" tier intended to cover the majority of CrowdStrike customers. The idea is that once the update reaches this phase, it will have been trialed not only by CrowdStrike, but also by a number of outside systems.
One thing CrowdStrike does not plan to do is remove itself from the kernel mode access that was at the heart of the July outage. Meyers said that having visibility into the Windows kernel is essential for security software as it prevents malware from getting into the lowest levels of the system and disabling security protections.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
