CrowdStrike launches new generative AI security feature to Falcon platform
CrowdStrike has officially introduced Charlotte AI, a new generative AI cybersecurity analyst designed to democratise security and help every user of the CrowdStrike Falcon platform, from novice to security expert.
Customers can use Charlotte AI to address many of the most critical challenges facing the security community, including closing the cybersecurity skills gap and speeding the response time to stay ahead of adversaries, CrowdStrike states.
Utilising the world's security data that is continuously improved through a tight human feedback loop, Charlotte AI lets customers ask natural language questions in English and dozens of languages and receive intuitive answers from the CrowdStrike Falcon platform.
With Charlotte AI, every user, regardless of skill level, is able to become faster and more efficient responding to events of all types, including advanced threat detection, investigation, hunting, remediation and more.
Charlotte AI and three common use cases
Currently available in private customer preview, Charlotte AI initially addresses three common use cases:
Democratising cybersecurity - every user becomes a power user: With Charlotte AI, everyone from the IT helpdesk to executives like CISOs and CIOs can quickly ask straightforward questions such as, 'What is our risk level against the latest Microsoft vulnerability?' to directly gain real-time, actionable insights, drive better risk-based decision making and accelerate time to response.
Elevate security analyst productivity with AI-powered threat hunting: Charlotte AI will empower less experienced IT and security professionals to make better decisions faster, closing the skills gap and reducing response time to critical incidents. New security analysts, such as a Tier 1 member of a SOC, will now be able to operate the CrowdStrike Falcon platform like a more advanced SOC analyst.
The ultimate force multiplier for security experts: Charlotte AI will enable the most experienced security experts to automate repetitive tasks like data collection, extraction and basic threat search and detection while making it easier to perform more advanced security actions. It will also accelerate enterprise-wise XDR use cases across every attack surface and third-party product, directly from the CrowdStrike Falcon platform. Hunting and remediating threats across the organisation will be faster and easier by asking simple natural language queries.
Generative AI and CrowdStrike
According to the company, Charlotte AI utilises the world's highest-fidelity security data, which includes the trillions of security events captured in the CrowdStrike Threat Graph, asset telemetry from across users, devices, identities, cloud workloads and CrowdStrike's threat intelligence.
The most critical set of data and one unique to CrowdStrike is CrowdStrike's human-validated content, the company states.
Charlotte AI will benefit from a continuous, human feedback loop from across CrowdStrike Falcon OverWatch managed threat hunting, CrowdStrike Falcon Complete managed detection and response, CrowdStrike Services, and CrowdStrike Intelligence.
Mike Sentonas, President of CrowdStrike, comments, "Since our founding, CrowdStrike has pioneered the use of artificial intelligence in cybersecurity to identify adversary behaviour and combat sophisticated attacks to stop breaches.
"With the introduction of Charlotte AI, we're delivering the next innovation that will help users of all skill levels improve their ability to stop breaches while reducing security operations complexity.
"Our approach has always been rooted in the belief that the combination of AI and human intelligence together will transform cybersecurity. We believe our continuous feedback loop on human-validated content is critical, and because of this, no other vendor will be able to match the security and business outcomes of CrowdStrike's approach to generative AI."