CrowdStrike Lessons Learned: Stricter Testing and Human Verification

Summary A software update by CrowdStrike caused a blue screen of death on 8.5 million Windows machines, leading to widespread flight cancellations and disruptions. The incident raised questions about the reliability of EDR and MDR solutions embedded in the kernel. Cybercriminals took advantage of the situation by setting up scam websites and domains. MSPs and organizations should consider vendor due diligence and have alternative solutions in case of similar incidents. Microsoft may reevaluate its control over the kernel and software vendors' access to it. Lessons learned include the need for more stringent testing and human verification after automated testing.