• Fonzie!@ttrpg.network
    link
    fedilink
    arrow-up
    9
    arrow-down
    3
    ·
    4 months ago

    That’s true

    On one hand I hope people are smart enough to run updates to critical systems on a test environment, first. On the other hand I’ve learned that that is not at all the case yesterday.

    • Brkdncr@lemmy.world
      link
      fedilink
      arrow-up
      11
      ·
      4 months ago

      Many security products have no test option. One I’m using has a best practice of a 15 minute delay between test and prod and no automation to suspend besides relying on the vendor to pull the update it within 15 mins if it were to go full crowdstrike.

    • 𝓢𝓮𝓮𝓙𝓪𝔂𝓔𝓶𝓶
      link
      fedilink
      arrow-up
      10
      ·
      4 months ago

      The problem her was that this wasn’t a traditional update. It was delivered automatically as a “content” update (like how old av would have definition update). We were given no room to test.