• @Passerby6497
    link
    English
    213 months ago

    I appreciated the RiskyBiz episode with the Sentinel one guys where they go over all the ways this could have been prevented if they did real testing

    Crowdstrike absolutely deserves the shit they’re getting.

    • @ozymandias117
      link
      English
      43 months ago

      Oh god. Sentinel one is horrible. If they’re taking issue with your testing, you’ve really screwed the pooch

        • @ozymandias117
          link
          English
          3
          edit-2
          3 months ago

          Their ftrace hooks caused all disk usage to be serialized, making your multi-core processor single-core when doing anything I/O bound

          We saw between 500% - 800% increases in build times with their software installed

            • @ozymandias117
              link
              English
              33 months ago

              We’re still using them on machines where performance doesn’t matter

              On build machines, they’re on a special VLAN and don’t have endpoint protection, but they only download from a protected mirror

              • 𝕸𝖔𝖘𝖘
                link
                fedilink
                English
                13 months ago

                We have a similar issue with defender, but those machines are internet connected, so we must have EDR on them.