That's not really the problem here.

The problem is allowing a single vendor, with a reputation of fucking up over and over again, to push code into your production systems at will with no testing on your part.



Right. I thought the "big guys" know better and they have some processes to vet Crowdstrike updates. Maybe even if they don't get its source code, they at least have a separate server that manages the updates, like Microsoft's WSUS.

But no, they are okay with a black box that calls home and they give it kernel access to their machines. What?


We do that. CS literally entirely pushed this over our staging system and straight into production.


Why did they have the technical means to do so?


Because our security guys are fuckwits.

(I am operations management and fought against this product and approach for months)
