Crowstrike has published the much-anticipated technical postmortem regarding the global outage on July 19th caused by the faulty Falcon EDR running on Microsoft Windows. The report highlighted six lessons learned. Immediate next step is to engage two independent third-party software security vendors. In a nutshell, the solution relies on parameters which were not properly validated. Content is managed using a Content Interpreter and Content Validator. Both components had critical flaws. It is unclear whether Crowdstrike conducted a risk assessment on the design and prioritized due diligence on the components with the highest risk. If not, the third party review will likely do so and look over all the critical rocks.