The risk of lawsuits being launched against CrowdStrike by companies impacted in this way remains very real.

But the uncomfortable truth is: it almost certainly will.

Chief Executive of ARIA Cybersecurity Solutions.

In fact, CrowdStrike revealed to Congress that it issues 10 to 12 similar updates every single day.

We can assume that the majority of the other Magic Quadrant EDR vendors employ similar levels of constant updating.

A minor issue may result in false positives that cause disruption.

Up to now, this risk has been justified by the EDR industry.

That's because they're always one step behind the bad guys.

To block an attack, a cybersecurity vendor first needs to be aware of it.

As a result, vendors that use this model are permanently in reactive mode.

And as the number of attacks continues to grow, so must the number of updates.

It could be classified as an unintentional supply chain attack.

How can I trust what my vendor is sending me?

But resorting to manual validation processes requires time and human resources.

This can be challenging because EDR vendors often make it difficult to intercept such updates.

Moving beyond the patch-and-update model

How can companies protect themselves?

This means protection from zero-day attacks on day zero, not shortly thereafter.

It is a complement to existing solutions, rather than a replacement.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.
