The Cloud Pod Puts a Hex-LLM on all these AI Announcements Welcome to episode 270 of the Cloud Pod Podcast – where the forecast is always cloudy! Jonathan, Ryan, Matt and Justin are your hosts today as we sort through all of the cloud and AI news of the week, including updates to the Crowdstrike BSOD event, more info on that proposed Wiz takeover (spoiler alert: it’s toast) and some updates to Bedrock. All this and more news, right now on the Cloud Pod! Titles we almost went with this week: The antivirus strikes backThe return of the crowdstrikeThe cloud pod is worth more than 23BThe cloud pod is rebranded to the AI podcastThe cloud pod might need to move to another git providerAmazon finally gets normal naming for end user messaging Amazon still needs to work on it’s end user messagingThe CloudPod goes into hibernation before the next crisis hitsEC2 Now equipped with ARM rests A big thanks to this week’s sponsor: Follow Up 01:33 In what feels suspiciously like an SNL skit, CrowdStrike sent its partners $10 Uber Eats gift cards as an apology for mass IT outage As you can imagine, Twitter (or X) had thoughts. Turns out they were just for third party partners that were helping with implementation. 2024 Economics wants to know – what are you going to do with only $10 with Uber Eats? Crowdstrike: Preliminary Post Incident ReviewMoving on to the actual story – The Preliminary Post Incident Review (PIR) is now out for the BSOD Crowdstrike event we talked about last week.Crowdstrike reports that a Rapid Response Content Update for the Falcon sensor was published to Windows hosts running sensor version 7.11 and above. The update was to gather telemetry on new threat techniques that targeted named pipes in the kernel but instead triggered a BSOD on systems online from 4:09 – 5:27 UTC.Ultimately, the crash occurred due to undetected content during validation checks, which resulted in an out-of-bounds memory read. To avoid this, Crowdstrike plans to do a bunch of things: Improve rapid response content testing by using testing types such as Local developer, content update and rollback, stress, fuzzing, fault injection, stability and content interface testing. Introduce additional validation checks in the content validator to prevent similar issues. Strengthen error handling mechanisms in the Falcon sensor to ensure errors from problematic content are managed gracefully.Adopt staggered deployment strategies, starting with a canary deployment to a small subset of systems before further staged rolloutsEnhanced sensor and system performance monitoring during the staggered content deployment to identify and mitigate issues promptly.Allowing a granular section of when and where these updates are deployed will give customers greater control over the delivery of rapid-response content updates.Provide notifications of content updates and timingConduct multiple independent third-party security code reviewsConduct independent reviews of end-to-end quality processes from development through deployment 04:37 Jonathan – “I think part of the blame was on the EU, wasn’t it, against Microsoft, in fact, for making Microsoft continue to give kernel level access to these types of integrations. Microsoft wanted to provide all this functionality through an API, which would have been safe. They wouldn’t have caused a blue screen if there had been an error. But in the EU, there were complaints from antivirus vendors. They wanted direct access to things in the kernel rather than going through an API.” 08:57 Delta hires David Boies to seek damages from CrowdStrike, Microsoft after outage David represented the US Government against Microsoft in a landmark antitrust suit, as well as the likes of Harvey Weinstein and Elizabeth Holmes of Theranos. Seriously – why doesn’t this guy have his face all over LA billboards? 12:23 Cyber-security firm rejects $23bn Google takeover Literally minutes after we finished recording last week’s show talking about the potential for a Wiz buyout… Alphabet’s dreams were dashed. Wiz has reportedly rejected Alphabet’s $23 bn takeover offer, which would have been its largest acquisition ever. CEO Assaf Rappaport told staff in an internal memo he was “flattered.”Instead, the company will focus on achieving 1BN in revenue and then going public. Earlier this year, Wiz reported that they were making 500M a year in ARR.The founders Ami Luttwak, Roy Reznick, Yinon Costic and CEO Assaf Rappaport first met while serving in the Israeli military. They previously founded Adallom, which Microsoft bought for 320M in 2015. They left MS in 2020 and founded Wiz and believe they’re the fastest-growing startup reaching 100M in annual revenue in its first 18 months. 13:33 Justin – “I mean, I don’t know why they’re not going public now. mean, at 500 million in ARR and the number of employees, their costs, their margins have to be really good unless they’...