Microsoft Hosts CrowdStrike in Windows Security Summit to Enhance Resiliency and Protection
Windows Security Summit Set to Address Key Improvements
Microsoft is hosting an important summit on Windows security at its Redmond, Washington, headquarters next month. The Windows Endpoint Security Ecosystem Summit on September 10th will bring together Microsoft engineers and vendors like CrowdStrike to discuss improvements to Windows security and third-party best practices to try and prevent another CrowdStrike incident.
“Microsoft, CrowdStrike and key partners who deliver endpoint security technologies will come together for discussions about improving resiliency and protecting mutual customers’ critical infrastructure,” says Aidan Marcuss, corporate vice president of Microsoft Windows and devices.
The CrowdStrike Incident and Its Implications
The buggy CrowdStrike update that forced 8.5 million Windows devices offline last month has triggered broader discussions about how such an incident can be avoided in the future. Microsoft has already called for changes to Windows to improve resiliency and has dropped some subtle hints about moving security vendors out of the Windows kernel.
Focus on Security and Resiliency
CrowdStrike’s software runs at the kernel level—the core part of an operating system that has unrestricted access to system memory and hardware. While Microsoft doesn’t directly mention Windows kernel access in its blog post announcing its Windows security summit, it’s bound to be a big part of discussions next month. “The CrowdStrike outage in July 2024 presents important lessons for us to apply as an ecosystem,” says Marcuss.
The summit will include technical sessions to discuss safe deployment practices, improvements to the Windows platform and API sets, and using more memory-safe programming languages like Rust. Microsoft is inviting government representatives to its security summit “to ensure the highest level of transparency to the community’s collaboration to deliver more secure and reliable technology for all.”
Strategies for Future Security Enhancements
This summit is timely, as Microsoft has been undergoing broader security overhauls, addressing previous criticisms of its defensive measures. While there may be pushback from security vendors about the prospect of changes to access levels within the Windows kernel, the goal is cooperative improvement. By engaging with CrowdStrike and other partners, Microsoft aims for consensus on strategies to prevent future incidents.
This article was prepared using information from open sources in accordance with the principles of Ethical Policy. The editorial team is not responsible for absolute accuracy, as it relies on data from the sources referenced.