Narrow-moat CrowdStrike (CRWD) said a faulty update was the reason behind the massive technology outage that affected millions of users in the early hours of July 19. Customers using CrowdStrike's security platform were locked out of their Windows devices. While details are still emerging, CrowdStrike's initial response emphasized that this incident was not a security breach and that the faulty update has been rectified. We find some credence in this response, considering that within hours of the outage, companies with operations affected by CrowdStrike's update have been able to gradually resume their services.
Investors appear to have been spooked by recent high-profile security incidents and sold CrowdStrike's shares in premarket trading, with the stock dropping more than 10%. We think this market reaction is overly punitive, especially considering that the update doesn't represent a breach of CrowdStrike's security apparatus. While the shares still trade in 3-star territory after the premarket drop, we think the current pullback represents a good buying opportunity for long-term investors looking for high-quality security/software exposure.
While we don't have a full postmortem on the faulty update that led to this morning's chaos, we suspect that CrowdStrike's central cloud, which pushes updates across its entire customer base simultaneously, played a key role. While this feature enables CrowdStrike to continuously update its customers' security apparatus, it also enabled a substandard update to be pushed onto the company's entire customer base, essentially halting operations at major airports and media networks, among others.
The author or authors do not own shares in any securities mentioned in this article. Find out about Morningstar’s editorial policies.