CrowdStrike President Michael Sentonas personally accepted the “Most Epic Fail” award over the weekend at the annual Def Con Las Vegas hacker conference for the company’s software update that caused a global IT outage last month. In accepting the award, he said it was “super important to take control when you do things terribly wrong, which we did in this case.”
THE Pwnie Awardsreleased at an annual ceremony at Def Con, celebrates “the achievements (and failures) of security researchers and the security community.” This year’s categories included awards for mobile, desktop, and cryptocurrency bugs, one for “Weakest Vendor Response,” and an “Epic Achievement” award for researchers who discovered critical vulnerabilities.
During his speech, Sentonas said the Pwnie is “definitely not the award to be proud of receiving,” but added that he will take it to CrowdStrike headquarters, where “it will stay [in] pride of place because I want every CrowdStriker who comes to work to see this.” Last year’s “Most Epic Fail” award went to the US Transportation Security Administration after a hack discovered the agency’s “no-fly” list on an unprotected Internet-connected server. (Something similar happened in 2021 as well.)
CrowdStrike blamed a testing software bug for the faulty update and promised to update its testing and error handling, as well as begin staggered updates to prevent something similar from happening in the future.