mcarey on Nostr:
I really want to agree with but. But here’s the reality of how this works:
1. Like it or not, CrowdStrike are still leaders in the cyber security space.
2. Contract terms can be really hard to cancel and require legal intervention that, more often than not, is more expensive than any benefit gained by replacing a problematic solution to begin with.
3. It’s difficult (and very expensive) for most companies to rip & replace endpoint security solutions quickly. Think system integrations, staffing, training, all the downstream cross-sell products, etc, etc…that is not trivial to replace.
4. There’s not many players in this space that can meet the demands of enterprise customer requirements anyway. Think of the security and industry compliance that many companies (by law, or by contract), MUST have in place (SOC, GDPR, ISO, HIPAA, and more). CrowdStrike helps achieve these certification requirements…and there’s not many others (handful at most).
5. CEOs of big clients are ‘friends’. See you on Saturday for 10AM tee-time! Drinks at my place afterwards. This is just how it’s done.
6. Investment funds have built-in risk tolerance levels for tech firms, knowing there will be a ‘bug tax’, or flaw that could temporarily be disruptive and impact equity valuations. It’s tech…shit breaks, and they know this.
In short, while CrowdStrike f’d up, who’s to say that couldn’t happen to any security endpoint solution? They f’d up, they owned it…that’s the risk you take with any technology. Technology isn’t perfect. Nothing in the space is.
I’m not defending them; poor QA controls, poor pre-testing on this one. 100% agree. But CrowdStrike still has an excellent record, and there’s not many readily - and easily replaceable - alternatives that any company can pivot to at the first sign of any issue.
Endpoint security tends to be sticky. Especially for large scale enterprise accounts. They’re not going bankrupt any time soon. Not until there is a considerably cheaper, easily replaceable solution that meets feature parity of CrowdStrike. I really do hope to see CrowdStrike and SentinelOne become irrelevant with emergent decentralized open-source alternatives that meet 80% of feature parity at a 90% discount to average enterprise cost-per-client. This is 5yrs out at least.
Don’t be surprised if CrowdStrike could be the come-back story of the year.
Hope my explanation makes sense. It’s a good question.
Published at 2024-10-20 04:41:08