|
|
|
|
|
|
by kayo_20211030
703 days ago
|
|
|
I'm with you.
What's critical, and what's not? Is it a big thing, or not a big thing? Is this particular machine more critical than the one over there?
Security systems need to be at the lowest level, or else some shifty bastard will find a path around them. If it's at the lowest level, the downside of a failure is catastrophic, as we experienced last Friday. The carnage here is ultimately on CrowdStrike. The testing must have been slapdash at best, and missing at worst. eBPF changes nothing. The question is: should we fail, or carry on? eBPF doesn't help with that decision, it only determines the outcome from a system perspective. Any decision is a value judgement; it might be right or wrong, and its outcome either benign or deadly.
Choices! |
|
|