by chrisjj 702 days ago
> people were writing that ridiculous SLA's, such as "4 hour response to a vulnerability

I didn't see people explaining why this was ridiculous.

> make it practically impossible to release well-tested code

That falsely presumes the release must be code.

CrowdStrike say of the update that caused the crash: "This Rapid Response Content is stored in a proprietary binary file that contains configuration data. It is not code or a kernel driver."

1 comments

> I didn't see people explaining why this was ridiculous.

Because of how it affects priorities and incentives.

E.g.: as of 2024, CrowdStrike didn't implement staggered rollout of Rapid Response content. If you spend a second thinking about why that's the case, you'll realize that rapid and staggered are literally antithetical.

> CrowdStrike say of the update that caused the crash: "This Rapid Response Content is stored in a proprietary binary file that contains configuration data. It is not code or a kernel driver."

Well, they are lying.

The data that you feed into an interpreter is code, no matter what they want to call it.