Why our Agent is different from CrowdStrike

The security agent we use in our Managed SOC is just a “grab and log” agent.
As such, it doesn’t need deep integration at the OS level like CrowdStrike. So, while CrowdStrike runs at the kernel level, our agent runs natively in user space. This is a much safer approach to security monitoring and threat protection, and it avoids issues such as the BSOD that CrowdStrike users are currently facing.

CrowdStrike Security Advisory

For CrowdStrike clients who are affected by the BSOD issue after the update, here is a series of steps to recover:

CrowdStrike recovery steps