Crowdstrike processes their signature files in kernel mode. Defender helpfully pastes malware over system files. Ivanti has a new critical vulnerability every week or so. Why are security vendors incompetent?
Because they know they have such a chokehold on the market. I remember back in the XP days it felt like every year there was a new top tier security product that people were trying.
You hear a lot about them because they are used in government and large enterprise environments when threat actors love to attack.
Having a responsible disclosure process where they announce problems so their customers know it’s patching time. It’s better then it use to be where a vendor threw out a patch and if you didn’t patch because the vendor didn’t say why the patch was released.
There’s a reason why Isolated Networks are big money these days. Everyone expects their shit connected to the internet will be hit eventually and anyone that thinks they are safe are probably already being hit.
I probably should have used the analogy my VD doctor gave me, “If you keep dippin your tip even with the best of protection on you’ll eventually find a walking biohazard that even I can’t bring you back from.”
Some of it is incompetence, but some is… more complicated incompetence. A lot of the weirdness you see is where some executive somewhere had a problem that affected him and had enough money/clout to throw around that they could make whatever just happen. Microsoft is the worst at this.
Oh cool. Cool cool cool.
Crowdstrike processes their signature files in kernel mode. Defender helpfully pastes malware over system files. Ivanti has a new critical vulnerability every week or so. Why are security vendors incompetent?
Crowdstrike has an impressive marketing budget.
BlackBerry cylance was a better product in every aspect but BB didn’t try to market it after aquiring it.
Because they know they have such a chokehold on the market. I remember back in the XP days it felt like every year there was a new top tier security product that people were trying.
Gotta let some shit happen or people won’t think they’re doing anything.
Can’t exactly let your hard work go unrecognized by the shareholders now, can ya?
Because all software is insecure.
You hear a lot about them because they are used in government and large enterprise environments when threat actors love to attack.
Having a responsible disclosure process where they announce problems so their customers know it’s patching time. It’s better then it use to be where a vendor threw out a patch and if you didn’t patch because the vendor didn’t say why the patch was released.
There’s a reason why Isolated Networks are big money these days. Everyone expects their shit connected to the internet will be hit eventually and anyone that thinks they are safe are probably already being hit.
Is that the IT Sec version of “If you think you’re never wrong, you already are”?
I probably should have used the analogy my VD doctor gave me, “If you keep dippin your tip even with the best of protection on you’ll eventually find a walking biohazard that even I can’t bring you back from.”
Some of it is incompetence, but some is… more complicated incompetence. A lot of the weirdness you see is where some executive somewhere had a problem that affected him and had enough money/clout to throw around that they could make whatever just happen. Microsoft is the worst at this.