American cybersecurity company SentinelOne revealed over the weekend that a software flaw triggered a seven-hour outage on Thursday.
This massive outage affected many customer-facing services, in what SentinelOne described as a “global service disruption”.
SentinelOne acknowledged the outage in a post published on Thursday, assuring customers that their systems were still protected.
“Customer endpoints are still protected at the moment, but there will be no visibility in managed response services. Threat data reporting is delayed, not lost. Our initial RCA suggests that this is not a security incident,” SentinelOne said.
In a root cause analysis released two days later, the company confirmed that the incident was caused not by a cyberattack or security breach but by a software flaw in an infrastructure control system that automatically removed critical network routes and DNS resolver rules, bringing down most services in all regions.
The services went down after a flaw in an outgoing cloud management function restored an empty backup of the AWS Transit Gateway route table.
“SentinelOne is currently in the process of replacing our production systems with a new cloud architecture built on Infrastructure-as-Code (IaC) principles. The construction of a new account early (i.e., outgoing) after the construction of a new account was deleted after the control system,” the company explained.
“A software flaw in the configuration comparison function of the control system incorrectly identified discrepancies and applied what it considered a suitable configuration state, overwriting already established network settings. As this outgoing control system is no longer a source of truth for network configuration, it restored an empty route table.”
As a result of this outage, programmatic access to the company's services was also interrupted, and integrated asset management/inventory and identity services were brought down, which prevented customers from seeing vulnerabilities or reaching the identity console.
The company said that the outage may have affected data ingestion from various third-party services, as well as managed detection and response (MDR) alerts.
SentinelOne says that customers' endpoints remained protected, even though their security teams could not log in to the SentinelOne Management Console, use guards, or manage their SentinelOne services.
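
The failure described in the root cause analysis, a reconciler that is no longer the source of truth pushing an empty route table over live settings, is the kind of plan a pre-apply guard can refuse. The following is an added example, not SentinelOne's code: the function names, the `"iac"`/`"legacy"` source labels, the 20% deletion limit and the route data are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

MAX_DELETE_PERCENT = 20  # assumed policy limit, not taken from the RCA


class UnsafePlan(Exception):
    """Raised when a reconcile plan must not be applied automatically."""


@dataclass(frozen=True)
class Plan:
    to_add: frozenset
    to_delete: frozenset


def reconcile(live, desired, source, authoritative):
    """Diff live vs. desired routes; refuse plans that look like a wipe."""
    live, desired = frozenset(live), frozenset(desired)
    # Guard 1: only the current source of truth may drive changes.
    if source != authoritative:
        raise UnsafePlan("non-authoritative source")
    # Guard 2: an empty desired state over a populated table is never routine.
    if live and not desired:
        raise UnsafePlan("empty desired state")
    plan = Plan(to_add=desired - live, to_delete=live - desired)
    # Guard 3: cap the share of live routes one run may delete (integer math).
    if live and len(plan.to_delete) * 100 > len(live) * MAX_DELETE_PERCENT:
        raise UnsafePlan("delete ratio exceeds limit")
    return plan


def verdict(live, desired, source, authoritative="iac"):
    """Return a one-line decision suitable for a change log or alert."""
    try:
        plan = reconcile(live, desired, source, authoritative)
    except UnsafePlan as exc:
        return f"blocked: {exc}"
    return f"apply: +{len(plan.to_add)} -{len(plan.to_delete)}"


# Constructed sample data: (destination CIDR, attachment id) pairs.
LIVE = {(f"10.{i}.0.0/16", f"attach-{i}") for i in range(5)}
EMPTY_BACKUP = set()

if __name__ == "__main__":
    print(verdict(LIVE, EMPTY_BACKUP, source="legacy"))  # outgoing system
    print(verdict(LIVE, EMPTY_BACKUP, source="iac"))     # empty state, right source
```

A blocked plan should page a human rather than be retried, since each guard fires exactly when automation and reality disagree about who owns the configuration.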