Faberwork, LLC’s Post

What a week it was for IT shops. I have read a lot and stayed quiet a lot. Customers have called and asked for my opinion and the only comment I want to make is - shared responsibility. Yes, did crowdstrike, an incredible cyber security product and company, make a horrible move and demonstrate a broken CI/CD pipeline… absolutely. BUT one thing no one is talking about (I have seen only a handful of posts about this) - the notion of accepting updates automatically in production. Well, I hate to be the one to give the bad news but that’s every single organizations misstep. Why are we just resorting to pushing updates to production without having it pushed to a test environment first? For godsake, just have one freaking machine of every OS and take time to run through QA. We want to talk about the glories of automation but what about the downsides? Automation is for efficiency, not for breaking best practices. #takeresponsibility #QA #bestpractices

The High Cost of Quality Oversights: A Lesson from CrowdStrike Last week's global outage caused by a faulty CrowdStrike update underscores a critical point: even the most advanced cybersecurity solutions are vulnerable when quality assurance (QA) falls short. The resulting "Blue Screen of Death" for millions of Windows users disrupted businesses, airlines, healthcare, and more, highlighting the interconnectedness of our digital world. The Takeaway: Robust QA is not just a "nice to have" – it's essential for preventing costly disruptions and protecting the integrity of your systems. Every piece of code, every update, and every new feature needs rigorous testing across various scenarios. How CloudQA Can Help Cloud-based QA platforms like CloudQA offer a scalable and comprehensive approach to testing: Comprehensive QA Coverage: Ensure your software is tested across a wide range of environments, configurations, and edge scenarios that might not be caught in traditional testing methods. Rapid Feedback: Identify and address bugs quickly, before they snowball into major problems. Cost-Efficiency: Reduce the need for in-house QA resources, freeing your team to focus on innovation. The CrowdStrike incident is a stark reminder that even a single error can have a domino effect. Don't wait for disaster to strike. Invest in comprehensive QA today and safeguard your business from avoidable disruptions. #QualityAssurance #Cybersecurity #CloudQA #CrowdStrike #SoftwareTesting #TechNews

Nowadays, digital transformation (DT) is at the forefront of business growth and staying ahead of market competition. But how can companies ensure a smooth transition with minimal disruption and maximum confidence? In this article, Lena Yakimova, Head of testing department at a1qa, recommends paying attention to the most basic QA practices allowing organizations to eliminate costly post-release fixes and enable successful DT. 🔴 Dive in for more details: hubs.ly/Q02r1Rkw0 #a1qaArticle #digitaltransformation #QA #softwaretesting #testautomation #cybersecurity 

🔒Building Cyber Resilience with IRIS Platform🔒 🐜 Software bugs can threaten our digital world, causing big supply chain attacks and spyware incidents. With a record number of vulnerabilities reported, it’s tough for IT teams to patch everything. Instead, prioritize what matters most! 📊 IRIS helps you stay ahead by focusing on asset priority and risk score. This means you can quickly spot, prioritize, and fix critical vulnerabilities, ensuring your business stays safe. 💪 Discover how IRIS can boost your cyber defense! 🌐 Visit: https://bit.ly/3yQcpRm 📩 Contact: marketing@codeeyesolutions.com #Cybersecurity #Infosec #DataPrivacy #CyberAware #CyberDefense #CyberAttack #Cybercrime #SecurityAwareness #ITSecurity #DataProtection #SecureByDesign #PrivacyMatters #ThreatIntelligence #DigitalSecurity #NetworkSecurity #CloudSecurity #CyberResilience #EndpointSecurity #Phishing #SecurityTips #DevSecOps #SecDevOps #CyberSec #InfoSecCommunity #Malware #Ransomware #IncidentResponse #ZeroTrust #SOC #PenTesting #VulnerabilityManagement #CISO #DevOps #AppSec #SecureCoding #ShiftLeft #CI #DI #InfrastructureAsCode #Pentest #SecurityAutomation #SecOps #SecurityByDesign #DevSecOpsPipeLine #GitHub #ApplicationSecurity #TechInnovation #Compliance #AI #SDLC

INEXCUSABLE: CrowdStrike vs CISO/CIO/CTO - who is to blame? CrowdStrike is an unfortunate example of a common problem - inadequate testing. Why you ask? Typically inadequate budgets and a lack of software engineers who want to be test engineers. CISO/CIO/CTO - And the question that begs answering is how is it possible that no contingency plans existed to avert such a catastrophe? Both are to blame. I don't envy CrowdStrike's QA czar or the aforementioned C-Level positions that hold responsibility for those millions of bricked computers. CrowdStrike #ciso #cio #cto #cybersecurity #cybersecurityfail #crowdstrike #softwareqa

Between a changing and massive attack surface and vulnerabilities that simply don’t stop, there’s plenty to keep a CISO up at night. Imagine if you could automate discovery of your attack surface – and then ingest your vulnerabilities from all your sources and bring it together under a single pane of glass. Imagine if you could use business context to help prioritize a sea of risk so your teams can focus on what’s most important and you can see where you are most exposed and what’s being done to correct it. You can. But many customers struggle with where to start. Which is why NewRocket has designed an offering to help. Our Vulnerability Response offering is designed to help customers get start quickly, attach their scanners and improve their ability to prioritize their vulnerabilities and work across Security and IT teams to correct them as efficiently as possible. For more information, check out the link below. #SecurityOperations #VulnerabilityManagement #ServiceNow https://lnkd.in/gCr5uGXZ

#INVESTIGATION #WORKFLOW #AUTOMATION This #module #simplifies #investigations and #shortens the #incident response cycle. It minimizes the #cybersecurity team workload by providing a #360° view of actual tasks with all the statuses, data on the investigation stage, executants, and deadlines. During the #investigation, #cybersecurity team members can leave comments on the task and #discuss progress with other participants (from #CISO to analyst), attach documents and incidents as proof. #bestcybersecuritysolution #ipinfotech #zecurion www.ipinfotech.in 9719194445

Call #EndeavorIT to discuss your security posture!

I highly recommend reading this article — especially for those who work as Detection Engineers and SOC Analysts in any tier. https://lnkd.in/dydPdy_D #soc #security #detection

🚨 Don't miss our upcoming webinar with the Insider Risk Community and Tines! Unlocking Security Automation | Feb 6 | 11:00 AM CT. Learn how automation can empower your security team amidst resource constraints. Register now for insights and strategies! 🚀 https://lnkd.in/gptGCyTF #Webinar #SecurityAutomation #Code42 #Tines