Author Topic: CrowdStrike has a problem with vulnerability disclosures  (Read 340 times)

0 Members and 1 Guest are viewing this topic.

Offline madires

  • Super Contributor
  • ***
  • Posts: 7043
  • Country: de
  • A qualified hobbyist ;)
CrowdStrike has a problem with vulnerability disclosures
« on: August 22, 2022, 11:58:20 am »
Ridiculous vulnerability disclosure process with CrowdStrike Falcon Sensor: https://www.modzero.com/modlog/archives/2022/08/22/ridiculous_vulnerability_disclosure_process_with_crowdstrike_falcon_sensor/index.html

So CrowdStrike tries to force you into a bug bounty program including an NDA to control the whole disclosure process (and you). :--
 

Offline Nominal Animal

  • Super Contributor
  • ***
  • Posts: 4690
  • Country: fi
    • My home page and email address
Re: CrowdStrike has a problem with vulnerability disclosures
« Reply #1 on: August 22, 2022, 02:54:07 pm »
Any bets on whether CrowdStrike will try a DMCA takedown on that modzero link?

You know, as a "vulnerability mitigation strategy".  "If our clients don't know about it, the vulnerability does not exist."
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf

 



Advertise on the EEVblog Forum