Hacker News
by averageRoyalty 705 days ago
How often do you think RCE vulnerabilities are dropping on enterprise machines that already have vectors for security (firewalls, password policy, software install policy, etc.)?

I understand cybercrime is real, however I highly doubt the amount of real time RCE exploits leaked into the wild executed within 2 hours is > 0.01% of the updates pushed by CrowdStrike.

1 comment

This would require a deep dive into analyzing the importance of that specific update and all the other updates they do and at which frequencies and for which reasons. 2 leading causes for ransomware are social engineering and unpatched software, which something like CrowdStrike should be able to secure against.

If there's a new pattern of social engineering/phishing attack it might be a question of hours to be able to respond to that and identify those specific patterns. Or just every minute will mean that more companies and machines will be compromised if there's a mass phishing campaign going on.