How a failed lawsuit trailed CrowdStrike into the RSA Conference

Rumors of a lawsuit launched by Crowdstrike, an industry leader, against cybersecurity product testing firm NSSLabs, quickly spread amongst the thousands of attendees attending the 2017 RSA conference, Tuesday.
Image via Pixabay -- CC 2.0

Rumors of a failed lawsuit launched by Crowdstrike, a cybersecurity industry leader, against product-testing firm NSS Labs quickly spread Tuesday among the thousands of attendees at the 2017 RSA conference.

During one of the conference’s many industry-promoted parties Monday night, multiple attendees could be overheard talking about the controversy even before media reports began circulating. Other cybersecurity experts questioned NSS Labs’ capabilities, online.

An example of the mentions circulating on social media concerning the NSS Labs-Crowdstrike controversy

Crowdstrike sought an injunction in federal court last week and filed a restraining order against NSS Labs to stop the company from publishing test results for Crowdstrike’s endpoint-focused Falcon cybersecurity product line. On Monday, the Delaware-based court denied Crowdstrike’s request, explaining that the plaintiff had failed to demonstrate how NSS Lab’s research would translate into “irreparable harm.”


NSS Labs subsequently released the results of the product audit Tuesday morning. The free, public version of that information, however, is only available in a limited format. A subscription to NSS Labs’ database service, which can cost upwards of $12,000, is necessary to access the full report. Prices for an NSS Labs subscription vary dependent on the size of the organization and number of users per account. 

Crowdstrike representatives wrote in a blog post Tuesday that NSS Labs had unlawfully accessed the company’s Falcon software, breached a previously agreed upon audit contract and then performed flawed tests.

In April, CrowdStrike entered into a voluntary agreement with NSS Labs to test its own products but that relationship ended shortly after the testing firm produced an allegedly inaccurate review.

“We decided not to participate in a public test and expressly declined NSS’ later request to conduct public testing,” Crowdstrike’s blog post reads. “After explicitly telling NSS on multiple occasions that they were prohibited from using our software for public testing, they colluded with a reseller and engaged in a sham transaction to access our software to conduct the testing.”

The aforementioned software reseller is Constellation Software Inc., a publicly traded Canadian company that provides numerous third party software services and products.


“While Crowdstike’s request for a Temporary Restraining Order and Preliminary Injunction were denied by the Federal court, they are still suing us at present, and so we are limited in what we can say,” said Vikram Phatak, CEO of NSS Labs. “Whether or not it is their intent, their suit has the effect of keeping us from debating the facts publicly.”

“We obviously disagree and are disappointed with Crowdstrike’s characterization of NSS as portrayed in their recent blog post,” Phatak said, “as far as Crowdstrike’s suit against NSS, we believe the judge’s ruling and memorandum speak for themselves.”

Though the restraining order and injunction were defeated in court, NSS Labs’ employees are careful to speak about the incident because of the threat of future litigation. Anything said at this point could be used in court, so “they are choosing their words carefully,” a spokesperson said.

NSS Labs’ “AEP Group Test” also examined the efficiency of other endpoint products developed by Carbon Black, Comodo, Cylance, Cybereason, ESET, Fortinet, Invincea, Kaspersky, Malwarebytes, McAfee, SentinelOne, Sophos, Symantec and Trend Micro. There are no other legal actions against NSS Labs at this time, a spokesperson told CyberScoop.

“CrowdStrike contends that NSS’s report will ‘cast the Falcon tool in a poor light, and a cursory analysis of the two private reports shows that the public report will be inaccurate’ … [causing a potential] decrease [in] sales and revenues,” a summary of the original court case notes.


Crowdstrike became one of the most famous brands in the cybersecurity industry last year after securing a contract with the Democratic National Committee.

Chris Bing

Written by Chris Bing

Christopher J. Bing is a cybersecurity reporter for CyberScoop. He has written about security, technology and policy for the American City Business Journals, DC Inno, International Policy Digest and The Daily Caller. Chris became interested in journalism as a result of growing up in Venezuela and watching the country shift from a democracy to a dictatorship between 1991 and 2009. Chris is an alumnus of St. Marys College of Maryland, a small liberal arts school based in Southern Maryland. He's a fan of Premier League football, authentic Laotian food and his dog, Sam.

Latest Podcasts