Vendor woes: How a perfect storm marred CrowdStrike’s reputation

Vendor woes: How a perfect storm marred CrowdStrike’s reputation

On July 19, 2024, CrowdStrike, a major endpoint detection and response (EDR) software provider, released a 40 KB configuration update for its Falcon Sensor program on Windows systems worldwide. This update contained a critical flaw that caused an out-of-bounds memory read error, resulting in system...

وصف كامل

محفوظ في:
التفاصيل البيبلوغرافية
المؤلفون الرئيسيون: RAMANATHAN, Kiruthika, Barros, Rafael J., LIM, Thomas
التنسيق: text
اللغة:English
منشور في: Institutional Knowledge at Singapore Management University 2025
الموضوعات:
Process management
disaster response and recovery
service management
risk management
cybersecurity
quality control
Databases and Information Systems
Management Information Systems
الوصول للمادة أونلاين:https://ink.library.smu.edu.sg/cases_coll_all/518
https://cmp-shop.smu.edu.sg/products/vendor-woes-how-a-perfect-storm-marred-crowdstrike-s-reputation?variant=42706405523498
الوسوم: إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
الوصف
الملخص:On July 19, 2024, CrowdStrike, a major endpoint detection and response (EDR) software provider, released a 40 KB configuration update for its Falcon Sensor program on Windows systems worldwide. This update contained a critical flaw that caused an out-of-bounds memory read error, resulting in system crashes across approximately 8.5 million Windows machines globally. The incident affected over 500 Fortune 1,000 companies and nearly 300 Fortune 500 firms, which incurred estimated losses of US$5.4 billion. The case examines how a seemingly minor configuration update led to a catastrophic global information technology (IT) outage, as a result of grave failures in service design and transition processes. Students are asked to put themselves in the shoes of the Director of Technical Support at CrowdStrike. They will need to apply Information Technology Infrastructure Library (ITIL) principles of Service Design and Service Transition, with a secondary focus on Service Operations to evaluate the Service Transition processes at CrowdStrike and suggest improvements to the processes. This case is intended for use in an undergraduate enterprise solutions management course. Students should be able to achieve the following learning objectives: identify design flaws in critical software systems, evaluate Service Transition processes, analyse how Service Design decisions impact Service Operation outcomes, develop risk mitigation strategies for software update processes, and create effective design and transition frameworks for mission-critical systems.

مواد مشابهة