Last Update: Sep 16, 2024 | Published: Sep 13, 2024
Key Takeaways:
Earlier this week, Microsoft held its Windows Endpoint Security Ecosystem Summit at its Redmond headquarters, bringing together CrowdStrike, cybersecurity partners, and government officials. The summit aimed to address critical issues in cyber resilience and infrastructure security, fostering discussions on strengthening defenses against future threats.
On July 19, CrowdStrike released a faulty sensor update for its Falcon endpoint security platform that crashed around 8.5 million Windows devices. This incident resulted in billions of dollars in damages, disrupting hospital appointments, grounding thousands of flights, and raising regulatory concerns about third-party access to the Windows kernel. In response, Microsoft called for changes to Windows to enhance its resilience and prevent similar incidents.
Microsoft’s Windows Endpoint Security Ecosystem Summit served as a platform for Microsoft and security vendors to discuss designing resilient systems, improving security, and adopting safe deployment practices. Microsoft is also working on enabling security solutions to operate outside the Windows kernel.
“Both our customers and ecosystem partners have called on Microsoft to provide additional security capabilities outside of kernel mode which, along with safe deployment practices, can be used to create highly available security solutions,” said David Weston, vice president of enterprise and OS security at Microsoft.
Microsoft detailed its efforts to address the performance needs and challenges of operating outside kernel mode, which is crucial for avoiding the performance issues and conflicts associated with the kernel.
The Summit also underscored the importance of anti-tampering protections to prevent malicious interference with security products. Microsoft is committed to considering security sensor requirements and secure-by-design principles as it enhances Windows.
Lastly, Microsoft highlighted its dedication to improving collaboration with partners by sharing best practices, tools, and data. “We’re competitors, we’re not adversaries. The adversaries are the ones we need to protect the world from. We are grateful for the support and input from this community and excited about the conversations in progress and work we have ahead,” Weston added.