by soneil 688 days ago
I'm pretty sure this is why everything we got in the first 48 hours from CS was stressing that the issue was with a "channel file" (threat definitions, content updates, etc).

Their staged update process is for the Falcon driver itself. It is not for the "channel files".

As I understand it, the driver itself is understood to be a risk, and they provide facility for an N, N-1, N-2 staged deployment to mitigate this risk.

As I understand it, channel files were not identified as a risk, and were never subject to this staged deployment.

The "sell" was that you could be running a trusted driver at N-2, but still have 0day protection from up-to-date channel files. And CS's initial feedback that the issue was not with the driver itself was CYA that they hadn't been misleading customers using such staged deployments.

1 comments

That's an important distinction. CrowdStrike probably did, in fact, CYA in the licensing terms.