The Exploit

Notes from the Front Lines of Penetration Testing

The CrowdStrike Outage: Lessons Learned

Just a few days ago the world felt the rippling effects of a third-party push to networks across the globe. What would have normally been a routine undertaking instead caused mass disruption of information systems and brought businesses of all sizes to a standstill. Almost everyone was impacted by this incident in one way or another. At the time of this writing, some companies continue to struggle to resume normal business activities.

As with any incident, we must take a look at our processes to see what lessons we can learn and how we can improve – an after-action report, if you will.

Third-Party Risks

Our society is more interconnected than ever before, and third-party vendors are increasingly active on their customers' production business networks. The advantages businesses receive from these interactions are often worth the risks. However, as with all business decisions, we must understand the risks that we are accepting and take steps to mitigate them to the greatest practical extent.

One of the key takeaways from this incident is that we need to incorporate third-party risks into our business continuity (BC) plans, incident response (IR) plans, and tabletop exercises. Businesses cannot control every aspect of a third-party integration, but they can control how that risk is incorporated into the environment and put safeguards in place for maintaining continuity when an action fails to go as planned.

Businesses should not only take this into account with their BC/IR planning but should actively incorporate this into their tabletop simulation drills. At Raxis, we conduct tabletop offerings as a simulated attack intended to model real-world threats. They facilitate cohesion and seek to highlight process gaps and less obvious exposures. A plan is only as good as its execution, and tabletop exercises are an excellent way to identify improvement opportunities in plans and processes.

A Few Things to Think About

  • Do you have redundant systems in place that would be resilient to a third-party incident?
  • Do you have tested backups (emphasis on tested) that allow you to quickly restore your system?
  • Do you maintain adequate logging, and are these logs stored for a long enough time period to allow your team to review them and determine affected systems?
  • Do you have a current BC/IR plan, and does this plan include incidents that could be caused by third-party vendors?
  • Do you actively review your vendors and their operational processes that could affect your business stability?

Vince Lombardi once said, "It's not whether you get knocked down, it's whether you get up." This rings true after every security incident. What do we learn, and how do we improve?

Need help testing or developing your incident plans? Raxis can help. Reach out to one of our advisors to learn more.


Written by Scottie Cole
