VP of Service Delivery Bob Roberts breaks down one very important factor regarding the CrowdStrike incident: because the two platforms run differently from an architectural standpoint, the incident cannot affect SentinelOne’s system. SentinelOne does NOT push kernel components such as drivers and .sys files as part of Live Security Updates. Instead, Live Security Updates contain user mode components only. Want to know how this works? Click the video above to hear one of Overwatch’s expert opinions.
7/22/24
From SentinelOne:
Our architecture is built for global redundancy and isolated multi-tenancy. Gradual, progressive rollouts are mandatory in our software development lifecycle – for everything we do, from agents to updates, to backend upgrades, as well as fine-grained controls, to ensure business continuity. This reduces widespread outage risk significantly.
7/19/22
As the world experienced a major tech outage overnight, debilitating countless businesses, Overwatch Managed Cybersecurity's security engineers and SOC analysts have been vigilantly monitoring the impact.
First and foremost, Overwatch systems did not experience any outages. Our Security Engineering and Operations teams have confirmed that Overwatch Managed EDR powered by S1 and the rest of the Overwatch solution is 100% green. There have been no issues outside of partners running CrowdStrike with another vendor. If any Overwatch partner feels they may be experiencing an issue and we can help, please reach out directly to our SOC. Our team is staffed 24×7 to assist you.
If you are a CrowdStrike customer experiencing a Windows blue screen, aka the Blue Screen of Death (BSOD), you can follow the remediation steps below to get back online.
Current Action:
CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes. If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to work around this issue:
Workaround Steps:
1. Boot Windows into Safe Mode or the Windows Recovery Environment.
2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
3. Locate the file matching “C-00000291*.sys” and delete it.
4. Boot the host normally.
If you are looking for a partner who can help you manage the incident, please reach out: overwatch@highwirenetworks.com