The Pwnie Award has been part of Def Con for 17 years. This year, CrowdStrike won the award in one of the categories. Learn about the category in which the company won the award.

• The Pwnie Awards, which has been part of Def Con for 17 years, celebrates and makes fun of the achievements and failures of researchers and the broader security community.
• Some of the past “winners” of the award for the Most Epic Fail category include Microsoft, Sony, X (formerly Twitter), and TSA.

One of the most sought-after hacking and security conferences of 2024, Def Con 32, concluded on August 11 in the Las Vegas Convention Center, Las Vegas, Nevada. Like every year, the conference featured several sessions, workshops, presentations, contests, and award ceremonies related to hacking and cybersecurity.

One award ceremony that has been part of Def Con for 17 years is “The Pwnie Awards,” which celebrates and makes fun of the achievements and failures of researchers and the broader security community. This year’s categories included awards for mobile, desktop, and crypto bugs, Epic Achievement, Lamest Vendor Response, and Most Epic Fail.

The Recipient of This Year’s Epic Fail

Every year, information security community members nominate the best exploits and research they have seen, and an expert panel decides the winner for different categories. Some of the past “winners” of the award for the Most Epic Fail include Microsoft, Sony, X (formerly Twitter), and the Transport Security Administration (TSA).

So, who received The Pwnie Award for the biggest failure this year? You probably guessed it right. It was none other than the cybersecurity firm CrowdStrike, whose one single faulty update led to a global outage of over 8.5 million Microsoft-based devices and cost businesses worldwide millions of dollars.

The award’s recipient shouldn’t come as a surprise. The list of nominations for each Pwnie was released about five days after the incident, and there could have been only one clear winner for the Most Epic Fail award.

Despite receiving criticisms, heavy backlash, and even lawsuits after the July incident, CrowdStrike president Michael Sentonas came to collect the award in person at the Def Con awards ceremony, held the award confidently, and faced the embarrassment head-on.

CrowdStrike Wants Every Employee To Remember the Incident

Receiving the award, Sentonas said to the conference delegates that it was important for the company to “own” its mistakes. He further said, “The reason why I wanted the trophy is I’m heading back to headquarters. I’m going to take the trophy with me. It will sit in pride of place because I want every CrowdStriker who comes to work to see it. After all, our goal is to protect people, and we got this wrong, I want to make sure that everybody understands these things can’t happen, and that’s what this community is about. So, from that perspective, I will say thank you.”

While this gesture was received with huge praise and applause by the audience, the company still faces a long road to repairing its reputation.