On Wednesday morning, thousands of cybersecurity professionals packed the halls of the Mandalay Bay Convention Center in Las Vegas, the epicenter of the annual Black Hat cybersecurity conference, where dozens of companies were announcing their products.
In the front row and with one of the largest booths was CrowdStrike, a company that has recently become a household name, but not for its prowess at stopping malicious hackers.
On July 19, CrowdStrike sent a faulty software update that crashed At least 8.5 million computers around the world, causing flight delays, Disrupting hospital operations – including Some surgeries — and hamstrings Several US government agenciesamong many other organizations that had to manually reboot computers and servers to get back to normal.
Since then, CrowdStrike has been sharing updates on its own investigation into the outage. The company also Offered $10 Uber Eats gift cards to partnersSome of whom had to spend hours recovering from the incident, as a way of sending their “most sincere thanks and apologies for the inconvenience.”
Several people who received the voucher (some of whom felt the gift was insensitive) were unable to cash out the gift card before Uber flagged it as fraud, “due to high usage rates,” according to a CrowdStrike spokesperson.
Less than three weeks later, some CrowdStrike employees had the difficult task of promoting the company's products at its conference booth. As soon as the doors opened, dozens of attendees began lining up. Not everyone was there to ask tough questions, but to pick up T-shirts and action figures made by the company to represent some of the nation states and cybercriminal groups it tracks, such as Scattered Spider, an extortion ring allegedly behind MGM Resorts of the past year and Cyberattacks on Okta; and Aquatic Panda, a spy group linked to China.
“We're here to give you free stuff,” one CrowdStrike employee told people gathered around a giant screen where employees would later give demonstrations.
One attendee at the conference seemed visibly shocked. “I just thought it would be dead, honestly. I thought it would be slower there. But obviously, people are still fans, right?”
In CrowdStrike's case, there was an element of normality at Black Hat, despite the global outage of its IT system that caused widespread outages and delays lasting days, and even weeks for some customers. The conference was held at the same time as CrowdStrike published its root cause analysis That explained what happened on the day of the outage. In short, CrowdStrike admitted it made a mistake, but said it had taken steps to prevent the same incident from happening again. And some cybersecurity professionals attending Black Hat seemed willing to give the company a second chance.
On the boxes of action figures stacked at the company’s booth, which were constantly replenished, CrowdStrike wrapped a message addressing the service disruption. “Adversaries don’t stop. Neither do we,” the message read. “Resilience begins with us. Our focus remains on you.”
The company projected the same message on a large screen in the hallway leading from the Mandalay Bay casino to the convention center.
CrowdStrike's senior director of corporate communications, Kevin Benacci, told TechCrunch that “the message shares our gratitude and appreciation for the Black Hat community, as well as the support we have received following the incident.”
Benacci added that the company had “members of the technical team on the stand addressing the incident.”
When TechCrunch visited the booth on Thursday, we saw several sales engineers showing off demos of the product, but also CrowdStrike’s VP of global solutions architecture, Chris Kachigian, who has a technical role within the company.
CrowdStrike CEO George Kurtz was also present at the Black Hat Innovators & Investors Summit. an event within the conference which requires a separate payment, meaning it is not open to all attendees. Kurtz appeared on a panel, according to the company, as well as Publications by two conference attendees.
To gauge how frontline defenders in the cybersecurity industry reacted to the massive service outage, TechCrunch spoke to more than a dozen conference attendees who visited CrowdStrike’s booth. More than half of the attendees we spoke to expressed a positive opinion of the company following the outage.
“Does that make me lose my view that they are a cutting-edge security company? I don’t think so,” said one U.S. government employee who said he uses CrowdStrike every day. The employee asked to remain anonymous because he was not authorized to speak to the press.
Brian Wilson, another U.S. government employee who also said he uses CrowdStrike as part of his job, said he will continue to use the company's products and has not lost faith in the company.
A security engineer who identified himself only as Eric L. told TechCrunch that part of his company was affected by the outage but was able to recover within 24 hours. “CrowdStrike was really good at providing guidance for the fix and doing everything they could to get things fixed,” he said, adding that his opinion of CrowdStrike hasn’t changed and that he is “in no way” thinking about switching vendors.
“They are best in class, they are at the top of the game,” he said.
Others did not feel the same.
Seth Faeder, an engineer at ClearChoice Dental Implants Centers, said his company was not affected because it uses Sophos, a CrowdStrike competitor. But its parent company, he said, does use CrowdStrike, so he and his team had to help get affected workstations back up and running, which was “not a lot of fun.”
“This has definitely given me a more negative view of the company,” Faeder told TechCrunch. “We actually ended up telling[his colleagues]that they might want to look into Sophos more after that.”
A cybersecurity professional, who asked to remain anonymous because he is not authorized to speak to the press, told TechCrunch that his company is a CrowdStrike customer and was affected by the outage.
“We have to look for alternatives, because we need a plan B,” he told TechCrunch. “We can’t have this problem, but to completely get away from them, I’m not entirely sure that’s possible, to be honest, because they’re still a leading figure in the industry.”
Ebenezer Chunduru, a security analyst at CapMetro, a company that He said he was affected by the cuttold TechCrunch that the incident was revealing about the fragility of cybersecurity tools.
“Can we rely on any tool at this point?” he said. “We shouldn’t rely on any tool. But at the same time, they’re doing a pretty good job.”
Since the global service outage, cybersecurity professionals, always happy to crack a joke, have flooded the Internet with a seemingly endless amount of CrowdStrike-themed meme stream.
The fun carried over into real life in Las Vegas. One conference attendee showed up to a Black Hat speaker-only event on Tuesday wearing a T-shirt that read “Crowdstruck.” Another attendee gave TechCrunch a sticker that mocked CrowdStrike Falcon, the company’s flagship product, replacing its logo with a cartoon bird and the fake company name “Fowlstrike.” A researcher attending Def Con, a hacker conference that follows Black Hat, Created fake Uber Eats gift cards with CrowdStrike theme.
After two days at Black Hat, it's hard to say whether the outage has damaged CrowdStrike's reputation. Maybe it's even the other way around. A few hours before the end of the conference, a CrowdStrike employee told TechCrunch that the company had printed more than 1,500 t-shirts in two days. Last year, conference organizers Almost 20,000 people said They were present.
When asked how many action figures they had handed out, another employee shook her head and simply said, “I have no idea.”
