SentinelOne has attributed widespread hours-long network connectivity outages last Thursday to an infrastructure control system vulnerability leading to the deletion of critical network routes and DNS resolver rules, according to Cybersecurity Dive.
While the flaw has significantly hampered security operations management for organizations' security teams, it has not resulted in any data loss, said SentinelOne, which emphasized the continued protection of its endpoints, as well as the lack of any impact among its federal clients. Such an incident, which comes nearly a year after the widespread CrowdStrike service outage, has prompted increased calls for transparency among experts. "Vendors must communicate quickly and transparently with customers during outages so they can appropriately prepare, plan, and communicate with executives about it. Further, it's crucial that vendors have some out-of-band communication methods (for example, an independent, public status page) for updates on outages like these," said Forrester Principal Analyst for Security and Risk Allie Mellen.
While the flaw has significantly hampered security operations management for organizations' security teams, it has not resulted in any data loss, said SentinelOne, which emphasized the continued protection of its endpoints, as well as the lack of any impact among its federal clients. Such an incident, which comes nearly a year after the widespread CrowdStrike service outage, has prompted increased calls for transparency among experts. "Vendors must communicate quickly and transparently with customers during outages so they can appropriately prepare, plan, and communicate with executives about it. Further, it's crucial that vendors have some out-of-band communication methods (for example, an independent, public status page) for updates on outages like these," said Forrester Principal Analyst for Security and Risk Allie Mellen.
