Query’s Post

🔥Must Read: 👇Microsoft Global IT Outage Lesson learned for Enterprise Architect, Global Governance Body , developer, tester and Business architect. Note: My view , my point 👇 **CrowdStrike Falcon sensor faulty deployment leads to MS Windows Blue Screen** CrowdStrike, a cybersecurity firm with thousands of customers globally, admitted on Friday that a defective software update caused a major IT outage, affecting airports, banks, hospitals, media outlets, and businesses worldwide. As an Enterprise Architect, I'm reflecting on the following considerations: - Was High Availability/Disaster Recovery (HA/DR) in place, at least in standby? - Was the User Acceptance Testing (UAT) report approved? - Who approved the change, and how was it managed? - Was there a change approval board (CAB) involved? - What were the Recovery Time Objective (RTO) and Recovery Point Objective (RPO)? - Was there a rollback mechanism in place? - Was the patch version tested in UAT before going to production? - Avoid deploying in production on a Friday (just kidding)! - While zero risk doesn't exist, was the acceptable risk defined? - Should consumers have the option for manual updates rather than forced ones, considering cybersecurity constraints? - Does the organization follow a multi-cloud strategy? - The company should share the Root Cause Analysis (RCA) publicly! - Every person who are using windows, need to learn how to reboot systems in fail safe mode - Was code pushed by Intern or skilled programmers? One line of code update made Global outage. This is the beauty of Software engineer or Cybersecurity engineer. 👇Your thoughts in the comment 👇. Let’s understand it. #Crowdstrike #microsoft #outage #shutdown #CyberSecurity #ITOutage #SoftwareUpdate #DisasterRecovery #ChangeManagement #RiskManagement #UAT #HighAvailability #MultiCloud #RootCauseAnalysis #TechLessons #SystemArchitecture #ITStrategy

One of the best recommendations for soc analysts

Network Operations requires talent N experience working in tandem to give best results Our focus lie towards Skilled Personnel: Having a team of skilled network engineers and operations professionals is crucial. Our engineers possesses expertise in various networking technologies, protocols, and troubleshooting techniques. Monitoring and Management Tools: Implement robust network monitoring and management tools that provide real-time insights into network performance, health, and security. Tools like Datadog, Nagios, SolarWinds, or PRTG can help in identifying and aim is to addressissues promptly. Automation: Utilize automation tools to streamline repetitive tasks, configuration management, and updates. Automation improves efficiency, reduces human errors, and ensures consistency across the network. #TalentWorkForce #Workforce #Talent #NOCOutsourcing

Thanks, AIM, for featuring my thoughts on how Observability Can Help Prevent Another CrowdStrike Outage. I know it's a bit late, but it is good to share as Microsoft still didn't come out from the outage 🤣 #observability #crowdstrike #outage #microsoft

The infamous Microsoft-CrowdStrike outage last July, revealed the fragility of our modern digital infrastructure. 🏮 A faulty update disrupted critical systems worldwide, leading to over $5 billion in losses for Fortune 500 companies. 😱 🔍 What Can Be Done? observability platforms might hold the key to preventing such disasters. 🎙️In an interview with AIM, Sawaram Suthar, Founding Director of Middleware , emphasizes: "Real-time feedback mechanisms in observability solutions notify teams immediately, reducing the mean time to detect and respond. This proactive approach allows teams to resolve performance issues before they escalate into full-blown outages." 🔽 Key Benefits of Observability 🔽 🔷 Early Issue Detection: Real-time insights help engineering teams tackle problems quickly. 🔷Unified Data View: Centralized logs and metrics streamline root cause analysis. 🔷Predictive Analytics: AI-driven models foresee potential issues, enabling preemptive actions. Understanding the potential of observability tools can significantly mitigate risks, ensuring that businesses remain resilient in the face of technical challenges. ➡ Read the full story here: https://lnkd.in/gcy2yVgQ 🙌 A massive shoutout to Pritam Bordoloi for featuring us. 🙌 #Observability #ITOutages #Middleware #DigitalInfrastructure #AIOps #Monitoring #Microsoft #Crowdstrike

Network Operations requires talent N experience working in tandem to give best results Our focus lie towards Skilled Personnel: Having a team of skilled network engineers and operations professionals is crucial. Our engineers possesses expertise in various networking technologies, protocols, and troubleshooting techniques. Monitoring and Management Tools: Implement robust network monitoring and management tools that provide real-time insights into network performance, health, and security. Tools like Datadog, Nagios, SolarWinds, or PRTG can help in identifying and aim is to addressissues promptly. Automation: Utilize automation tools to streamline repetitive tasks, configuration management, and updates. Automation improves efficiency, reduces human errors, and ensures consistency across the network. #TalentWorkForce #Workforce #Talent #NOCOutsourcing

It was always about September 12th. Yesterday's #Crowdstrike challenges caused rational people to become emotional. People reacted, posted memes, made jokes, and expressed anger towards the company seemingly at the root of the outage; the damage is still being repaired. The issue from my experience wasn't the software update that failed. It was the lack of preparedness for an outage people assumed would or could never happen. It's not the first time something like this happened, either. We just seem to forget. In the late 1990s, a service provider updated their routing software which inadvertently injected a default route into the BGP network of the United States. The connectivity for Internet and some telephony went down instantly. Half of the United States went dark and no one knew why until it was fixed because at the time, virtually all communications relied on that infrastructure. In the early 2000s, a popular network hardware manufacturer injected a bug in their code which took out (among many other businesses) two of the three largest auto manufacturers. The third used a competitor's hardware and was unaffected. After the outage, all three auto manufacturers and many other businesses implemented dual, redundant multi-vendor infrastructures. In September 2001, the unthinkable occurred. Designs for infrastructure, disaster recovery (which took on a whole new meaning), business continuity, regulations around backups and data center placement, and business operations from real estate to systems design, were forever changed and improved. Yesterday, a driver update accidentally crippled critical infrastructure around the world. While this update only applied to a single operating system, architectural codependencies ended up impacting virtually everything. People stopped talking about AI and started discussing cloud vs. premise, operating system diversity, and change management. What can we learn from this? Do we simply push through it and presume it won't happen again? Or do we revisit the use of cloud, protection strategies, operating systems, and Enterprise Architectures? Are we okay with "blaming the update" or can and should we take accountability on ourselves and adapt to prevent another I-can't-believe-that-happened situation. That's the way to ensure yesterday's challenges weren't a loss. We can't prevent everything but we can learn from everything. Just some personal thoughts from someone who has been through many of these situations before. #Microsoft #Apple #EnterpriseArchitecture #HybridCloud #BusinessContinuity #DisasterRecovery

If you're curious about #SentinelOne #S1 Managed Endpoint Detection and Response (#EDR), we offer this solution as a managed solution, integrated with #OverwatchSOAR, security orchestration automation response capabilities. S1's architecture is built for global redundancy and isolated multi-tenancy. Gradual, progressive roll outs are mandatory in their software development lifecycle – for everything they do, from agents to updates, to backend upgrades, as well as fine-grained controls, to ensure business continuity. This reduces widespread outage risk significantly. Curious to learn more? https://lnkd.in/g3eHJhcR

The modern SOC depends on Security Automation Engineers Bold, but why? In one of my recent posts, I discussed what a modern Security Operations Center (SOC) may look like. Particularly highlighting the shift from the traditional passive detection and response approaches to a dynamic, engineering-led strategy. From my experience operating in MSSPs, delivery partners, and in-house SOC teams, I’ve seen that transforming traditional SOCs hinges on discovering and creating operational efficiencies. So, where does Security Engineering fit into this? Automation. But don't rush to open the chequebook for an expensive next-gen Security Automation Orchestration Response (SOAR) tool ... just yet. Instead, consider leveraging your existing portfolio of tools and expertise to achieve the following: → Transform non-actionable alerts into periodic reports. → Fine-tune and auto-close alerts that produce regular false positives. → Sync alerts from detection tools to the business ticketing system. → Integrate automation into the customer onboarding journey. → Utilise native automation solutions to keep out-of-the-box content up to date. The goal of automation is to enrich the SOC and reduce toil for L1 and L2 analysts. However, through experience, I know automation can also become a burden to an ill-equipped team. How is your automation journey going? ------------------------- #Automation #SOC #SecurityEngineering #SOAR ---------------------------- w: buff.ly/4bgSvw4 | e:[email protected]

It's been nearly a week since the global IT outage, and it's left a lot of people questioning our reliance on technology 🤔. So how did the Microsoft and CrowdStrike outage impact the recruitment and staffing industry? Read my latest #recruitment blog post on the impact it has had on some businesses, and what you can do to mitigate the impact such an outage could have on your business.