this post was submitted on 06 Oct 2024
319 points (98.2% liked)

Asklemmy

43940 readers
413 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

I would honestly think freezing airports, hospitals and other services for days would cause a lot of legal trouble.

At least that's what would happen if an experienced hacker did the same thing.

you are viewing a single comment's thread
view the rest of the comments
[–] Murdified@lemmy.sdf.org 27 points 1 month ago (1 children)

Well, for one, it's not known as "BSOD day" by any other customers that I know of. For two, there are contractual obligations, which prevents businesses from immediately pulling the plug and depriving them of funds, or from having knee jerk reactions, depending on your perspective. And finally, in just my own opinion, no other alternative solution provides a more compelling case for risk reduction without the same potential compromises even given the faulty deployment methodology that CS used. Sad, but true in my experience.

Needing kernel code for security sucks, don't have better options right now, encourage startups and take risks on them instead.

[–] Brkdncr@lemmy.world 4 points 1 month ago (1 children)

Sadly I’d say Cylance has a feature-complete alternative to Crowdstrike but Blackberry has done everything possible to not promote the product.

[–] digdilem@lemmy.ml 1 points 1 month ago* (last edited 1 month ago) (1 children)

Cylance was comparable several years ago. But, as you say, Blackberry bought it. Development effectively stopped at that moment. Reported bugs were going un-triaged and the software stopped moving forwards and AV software that isn't constantly adapting becomes a security risk in itself. The two are not comparable now - CS has a lot of extra features, especially in attack monitoring and analysis.

We were Cylance customers, and we changed to Crowdstrike when our contract expired. It was the right choice at the time, as was our decision to choose Cylance before them. Turns out we have pretty crappy luck.

[–] Brkdncr@lemmy.world 2 points 1 month ago

Yeah cylance definitely had some issues but it seems like they’ve recently been doing better in bringing features.

Another in this space is Palo Alto Networks XDR.