BLU Discuss list archive
[Discuss] CrowdStrike Fiasco
- Subject: [Discuss] CrowdStrike Fiasco
- From: dsr at randomstring.org (Dan Ritter)
- Date: Mon, 22 Jul 2024 16:42:47 -0400
- In-reply-to: <1721678171.bbn1zp1iucskcg8o@gaseknet.mail.everyone.net>
- References: <20240722090043.3d5b68ef.Richard.Pieri@gmail.com> <20240722142315.ogmd5qla5hrcr5lz@randomstring.org> <ac39bd9e-98dc-4320-aade-2d35025bd612@syntheticblue.com> <1721678171.bbn1zp1iucskcg8o@gaseknet.mail.everyone.net>
jim at gasek.net wrote:
>
> HIRE GOOD PEOPLE.
> TEST YOUR CODE.
> DEPLOY TO A SANDBOX FIRST.
> DOUBLE CHECK STAGING FILES.
> CROSSTRAIN YOUR STAFF.
> CHECK YOUR WORK!!!!
>
> Right now the entire country is re-evaluating how they deploy patches.
>
> Shame on you if you accept and deploy a vendor's patches without testing.
>
> The safety of the computing environment of the entire world should not be in the hands of a couple people, period.

These are all good practices, but I'll also point out that every*
organization needs an explicit security policy based on an explicit
threat model, and insiders and vendors are definitely threats.

A careless person with root can do more damage than an intentional
outside attacker.

-dsr-

*Yes, sure, this is hyperbole.