News

At Microsoft's Post-CrowdStrike Summit, Security Vendors Promise To Be Better

The dust hasn't settled on July's massive CrowdStrike outage that took down millions of Windows systems worldwide.

At an invitation-only summit last week, Microsoft convened with executives from some of its biggest security partners, including CrowdStrike, to "discuss strategies for improving resiliency and protecting our mutual customers' critical infrastructure," as the company put it in a subsequent blog post.

"Together with our Microsoft Virus Initiative (MVI) partners -- companies who develop endpoint protection and additional security products for Windows, covering client, server and IoT -- we discussed the complexities of the modern security landscape, acknowledging there are no simple solutions," Microsoft said.

The meeting was a direct response to this summer's CrowdStrike incident, which Microsoft said "underscored the responsibility security vendors have to drive both resiliency and agile, adaptive protection."

Besides CrowdStrike, represented companies included Trend Micro, ESET, Sophos, Broadcom, Trellix and SentinelOne.

Microsoft emphasized that the meeting was not focused on decision-making, though attendees appeared to reach a provisional agreement to explore ways to improve Windows 11 security outside the kernel. Microsoft has long touted Windows 11's security protections in kernel mode, but the CrowdStrike incident has exposed the need for "a new platform which can meet the needs of security vendors," Microsoft said.

Such a platform will need to address the following factors:

  • Performance needs and challenges outside of kernel mode
  • Anti-tampering protection for security products
  • Security sensor requirements
  • Development and collaboration principles between Microsoft and the ecosystem
  • Secure-by-design goals for future platform

Microsoft said it intends to develop a platform with these capabilities, though it did not give further specifics.

The meeting attendees also discussed best practices for deploying Windows updates en masse, "from deciding how to do measured rollouts with a diverse set of endpoints to being able to pause or rollback if needed." Pointedly, Microsoft noted that gradual update rollouts are a longstanding best practice.

Microsoft foresees these discussions resulting in more information-sharing between security vendors, improved component and compatibility testing, and more effective vendor coordination in recovery situations.

Collaboration is all, the meeting attendees concluded.

"We're competitors, we're not adversaries," said Microsoft. "The adversaries are the ones we need to protect the world from."

End users can help themselves, too, Microsoft pointed out. For instance, businesses should develop plans for business continuity and incident response, as well as schedule frequent backups.

About the Author

Gladys Rama (@GladysRama3) is the editorial director of Converge360.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.