Beep boop - this is a robot. A new show has been posted to TWiT…
What are your thoughts about today’s show? We’d love to hear from you!
PIR is now published for the incident. RCA to follow. Steve was a bit unfair IMO saying CrowdStrike was talking rubbish and was still finding out what went wrong. Incident management determines the fault, a fix and gets the service running. PIR and RCA go into the root cause later.
Falcon Content Update Remediation and Guidance Hub | CrowdStrike
1 Like
Kate at Forbes had an report on the preliminary PIR from CrowdStrike.
Yeah. The key bit for me was that Channel File 291 update was split over two dates, 25 March and 19 July. The first release went through a full stress test and was successfully deployed.
The one in July looks like assumptions were made based on the March stress tests, plus this happened…
‘Due to a bug in the Content Validator, one of the two Template Instances passed validation despite containing problematic content data’.
So they did less testing, and the test they did do had a bug in it.
2 Likes
I think Steve was kinder to CrowdStrike than he would have been if the Incident Report had been out at the time of our recording.