SaaS-y security outfit CrowdStrike falls out of love with test lab
SaaS-y endpoint protection outfit CrowdStrike has failed in an attempt to prevent publication of a review detailing its software’s qualities.
CrowdStrike makes “Falcon”, a platform that combines an agent running on endpoints with a cloudy analytical engine to spot and squash malware and other nasties.
Falcon made the list of endpoint security products that testing outfit NSS Labs decided it would include in a roundup it intends to release this week. But when CrowdStrike got wind of its inclusion, it took issue and headed off to court.
As the decision (PDF) of the United States District Court For The District Of Delaware explains, CrowdStrike authorised NSS to test Falcon but the two fell into a dispute about the nature of the tests the lab conducted.
NSS tried to conduct new tests to CrowdStrike’s satisfaction, but appears to have failed because during a third round of tests CrowdStrike got narky about NSS’ decision to include Falcon in a public test.
Off to court they went, where the Judge was asked to consider whether NSS had breached its contract with CrowdStrike (no) or breached a contract CrowdStrike had with a third party called “Constellation” (again, no).
CrowdStrike’s third argument was that releasing the review would mean NSS effectively misappropriated revealed trade secrets. That argument failed because the court felt NSS’ black box tests kept secrets safe, and that a review would not divulge those secrets.
Which left a final test of whether publishing the review would cause “Irreparable Harm” to CrowdStrike’s reputation, which the software company contended would be the result of NSS’ inevitably-inaccurate assessment of its wares. Again the court felt the argument could not stand, as the test NSS sought to reveal was a public test and not the private work it did for CrowdStrike.
Indeed, the decision says that even if NSS got it wrong, it would suffer more harm than CrowdStrike because “NSS would be enjoined from disclosing likely true and legitimately obtained data, undermining a critical aspect of NSS’s presence in the marketplace.” CrowdStrike, the decision argues, can easily contend NSS’ work by releasing its own data.
All of which will make life interesting at the RSA Conference in San Francisco on Tuesday morning US time, where NSS plans to release its research.
Grab some popcorn! ®
Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/02/14/crowdstrike_falcon_vs_nss/