The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296

Update: 2024-08-20

Description

This week, Jeff Pollard and Allie Mellen join us to discuss the fallout and lessons learned from the CrowdStrike fiasco. They explore the reasons behind running in the kernel, the challenges of software quality, and the distinction between a security incident and an IT incident. They also touch on the need to reduce the attack surface and the importance of clear definitions in the cybersecurity industry. The conversation explores the need for a product security revolution and the importance of transparency and trust in security vendors.

Show Notes: https://securityweekly.com/asw-296

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Typosquatting NPM, vulnerability analysis, and AI challenges - ASW #307

2024-11-1235:50

Modernizing AppSec - Melinda Marks - ASW #307

2024-11-1233:41

Total Recall? LLM finds bug in SQLite, C++ safety failures, zero time for zero privs - ASW #306

2024-11-0533:29

$Bug bounties, vulnerability disclosure, PTaaS, fractional pentesting - Grant McCracken - ASW #306$

Bug bounties, vulnerability disclosure, PTaaS, fractional pentesting - Grant McCracken - ASW #306

2024-11-0532:08

Protecting Identity of AI Agents & Standardizing Identity Security for SaaS Apps - Shiven Ramji, Arnab Bose - ASW #305

2024-10-2930:42

Making TLS More Secure, Lessons from IPv6, LLMs Finding Vulns - ASW #305

2024-10-2953:04

JSON Parsing, Email Parsing, CISA's Bad Practices Guide, Abusing Disclosure Policies - ASW #304

2024-10-2238:34

The Complexities, Configurations, and Challenges in Cloud Security - Scott Piper - ASW #304

2024-10-2238:53

Perl & PHP Vulns, Fuzzing & Parsers, Protecting Multi-Hosted Tenants, Secure Design - ASW #303

2024-10-1542:00

RCE from Iconv + PHP, Fuzzing a Codec, Fuzzing LLMs, Revisiting Recall - ASW #302

2024-10-0837:03

The Future of Zed Attack Proxy - Simon Bennetts, Ori Bendet - ASW #302

2024-10-0835:34

More Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - ASW #301

2024-09-3045:57

Fuzzing for Vulns, GitLab Auth Bypass, JPEG Vulns, Programming Language Ranks - ASW #300

2024-09-2432:45

Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David Holmes - ASW #300

2024-09-2435:07

A TLD Takeover, An LLM CTF, A Firmware Flaw, 6 Truths of Cyber Risk - ASW #299

2024-09-1729:16

Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299

2024-09-1733:10

Paying Down Tech Debt, Rust in Firmware, EUCLEAK, Deploying SSO - ASW #298

2024-09-1056:25

Close the Security Theater: Enter Resilience - Kelly Shortridge - ASW Vault

2024-09-0237:48

Apache HTTPD Vulns, Hacking IoT Speakers, Use Cases for WASM, Slack AI Leak - ASW #297

2024-08-2727:08

Changing the Course of IoT's Future from Its Insecure Past - Paddy Harrington - ASW #297

2024-08-2737:21

00:00

1.0x

The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296

#box-pro-ellipsis-173148112602171{-webkit-line-clamp:2;}The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296

The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296

The Fallout and Lessons Learned from the CrowdStrike Fiasco - Allie Mellen, Jeff Pollard - ASW #296