What just happened? CrowdStrike's recent colossal failure that crippled systems, communications, and transportation shocked the world. Rather than shy away from the blunder, the company opted to once again own up to the incident, this time in one of the most visible (and funny) ways possible: by accepting an award at the Pwnie Awards.
In 2007, security researchers Alexander Sotirov and Dino Dai Zovi founded the first annual Pwnie Awards, a ceremony centered on recognizing the year's best and worst achievements in information security. Since then, security professionals and past winners have continued the annual tradition of selecting the industry's best (and worst) representatives.
Judges select winners across eleven different categories, including "Best Cryptographic Attack," "Most Innovative Research," and "Epic Achievement." There are also winners (losers?) for some of the industry's biggest blunders. While you might think that "Lamest Vendor Response" would be the absolute bottom of the awards barrel, there is one step lower: Most Epic Fail. It should come as no surprise that this year's recipient was CrowdStrike.
Rather than shy away from the embarrassing award, CrowdStrike leaned directly into the recognition. The company's President, Michael Sentonas, attended the ceremony in person to accept the less-than-prestigious award.
CrowdStrike accepting the @PwnieAwards for "most epic fail" at @defcon. Class act. pic.twitter.com/e7IgYosHAE
– Dominic White �'� (@singe) August 10, 2024
During his speech, Sentonas was forthcoming about CrowdStrike's role in the incident, stating again that the cybersecurity company's efforts were "horribly wrong." Despite the dark tone of the award, Sentonas sees it as an opportunity to help ensure this type of incident doesn't occur again. During his speech, he stated that he is putting the trophy on display at CrowdStrike headquarters to remind every employee of their mission and responsibility to protect the service's worldwide customer base.
Event organizers hosted the Pwnie ceremony at the Las Vegas Convention Center, where this year's Def Con 32 conference is underway. Def Con is the world's largest hacker conference, offering attendees access to security-themed attractions, including guest speakers, workshops, exhibits, vendors, contests, entertainment, and the latest cutting-edge research. The conference attracts security buffs from many countries, with past conferences having as many as 30,000 attendees. The event attracts an audience with backgrounds ranging from hackers and security enthusiasts to federal law enforcement representatives and industry cybersecurity professionals.