CrowdStrike releases agentic AI for the SOC
CrowdStrike has unveiled new AI-powered innovations aimed at revolutionising security operations centres (SOCs).
At the recent RSA security conference in San Francisco, CrowdStrike unveiled Charlotte AI Agentic Response and Charlotte AI Agentic Workflows, a pair of solutions designed to support autonomous reasoning and actioning within SOCs.
Charlotte AI Agentic Response aims to autonomously ask and answer the investigative questions a security analyst would pose, to accelerate root cause analysis and map an attacker’s lateral movement within a network.
Charlotte AI Agentic Workflows, meanwhile, enables analysts to insert AI reasoning within automated playbooks, to help automatically determine actions such as containing devices based on company policies, and to generate appropriate communications for audiences including executives, security technicians and consumers.
CrowdStrike has also implemented its Charlotte AI within the Falcon Complete next-generation managed detection and response platform to triage alerts and accelerate analysis.
Also at RSA, CrowdStrike has introduced the Falcon Adversary OverWatch next-generation security information and event management platform, which is designed to bring managed threat hunting to third-party data for the first time.
The company says the new solution uses threat intelligence to rapidly uncover evasive threats by unifying native and third-party data. It also uses machine learning to analyse human behaviour to uncover insider threats and well-concealed adversaries once they are on the network. AI-driven risk scoring helps security teams reduce false positives and investigate suspicious activities from a centralised platform.
CrowdStrike founder and CEO George Kurtz said that with the new innovations, the company is aiming to transform how cybersecurity works by using the power of AI.
“Our agentic AI innovation represents a fundamental shift from reactive to proactive security — furthering CrowdStrike’s mission of stopping breaches,” he said.