• Passerby6497@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    ·
    4 months ago

    I appreciated the RiskyBiz episode with the Sentinel one guys where they go over all the ways this could have been prevented if they did real testing

    Crowdstrike absolutely deserves the shit they’re getting.

    • ozymandias117@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      4 months ago

      Oh god. Sentinel one is horrible. If they’re taking issue with your testing, you’ve really screwed the pooch

        • ozymandias117@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          4 months ago

          Their ftrace hooks caused all disk usage to be serialized, making your multi-core processor single-core when doing anything I/O bound

          We saw between 500% - 800% increases in build times with their software installed

            • ozymandias117@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              4 months ago

              We’re still using them on machines where performance doesn’t matter

              On build machines, they’re on a special VLAN and don’t have endpoint protection, but they only download from a protected mirror