In the latest Cloudnone episode, we delve into the intriguing case of CrowdStrike, along with a technical analysis of how security software such as Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) operate. Which EDR/XDR software options are available in the market and why has CrowdStrike emerged as the market leader with a vast customer base?
Following that, we analyze why EDR software requires an agent running at the kernel level, leading to vulnerabilities that caused millions of PCs worldwide to freeze. What other approaches could EDR software take in the future if running at the kernel level is not desired?
Apart from YouTube, you can also listen to the podcast on Spotify.
TLDR: Cloudnone discusses the CrowdStrike case and the workings of EDR/XDR software, questioning the necessity of agents running at the kernel level and exploring future alternatives.