@vegeta to TechnologyEnglish • 27 days agoCrowdStrike unhappy with “shady commentary” from competitors after outagearstechnica.comexternal-linkmessage-square104arrow-up1557arrow-down18cross-posted to: [email protected]
arrow-up1549arrow-down1external-linkCrowdStrike unhappy with “shady commentary” from competitors after outagearstechnica.com@vegeta to TechnologyEnglish • 27 days agomessage-square104cross-posted to: [email protected]
minus-square@Passerby6497linkEnglish21•26 days agoI appreciated the RiskyBiz episode with the Sentinel one guys where they go over all the ways this could have been prevented if they did real testing Crowdstrike absolutely deserves the shit they’re getting.
minus-square@ozymandias117linkEnglish4•26 days agoOh god. Sentinel one is horrible. If they’re taking issue with your testing, you’ve really screwed the pooch
minus-square𝕸𝖔𝖘𝖘linkfedilinkEnglish1•26 days agoHorrible how? I’ve always thought they were pretty solid in the arena.
minus-square@ozymandias117linkEnglish3•edit-226 days agoTheir ftrace hooks caused all disk usage to be serialized, making your multi-core processor single-core when doing anything I/O bound We saw between 500% - 800% increases in build times with their software installed
minus-square@ozymandias117linkEnglish3•26 days agoWe’re still using them on machines where performance doesn’t matter On build machines, they’re on a special VLAN and don’t have endpoint protection, but they only download from a protected mirror
minus-square𝕸𝖔𝖘𝖘linkfedilinkEnglish1•25 days agoWe have a similar issue with defender, but those machines are internet connected, so we must have EDR on them.
I appreciated the RiskyBiz episode with the Sentinel one guys where they go over all the ways this could have been prevented if they did real testing
Crowdstrike absolutely deserves the shit they’re getting.
Oh god. Sentinel one is horrible. If they’re taking issue with your testing, you’ve really screwed the pooch
Horrible how? I’ve always thought they were pretty solid in the arena.
Their ftrace hooks caused all disk usage to be serialized, making your multi-core processor single-core when doing anything I/O bound
We saw between 500% - 800% increases in build times with their software installed
Well, that’s spectacular. What do you guys use now?
We’re still using them on machines where performance doesn’t matter
On build machines, they’re on a special VLAN and don’t have endpoint protection, but they only download from a protected mirror
We have a similar issue with defender, but those machines are internet connected, so we must have EDR on them.