SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

CrowdStrike unveils Agentic SOAR & expands Falcon’s AI agents

Thu, 6th Nov 2025

CrowdStrike has announced new developments to its Falcon platform, unveiling a suite of innovations aimed at strengthening cyber defence and operational visibility across IT, cloud, and operational technology environments.

Agentic SOAR launch

The company has introduced Charlotte Agentic SOAR as a core orchestration layer within the Falcon Agentic Security Platform. This system is designed to connect and manage AI-powered agents throughout the security lifecycle, allowing them to operate collaboratively and respond to threats in real time, under the direction of analysts.

"Security operations can't match the speed of AI-accelerated adversaries with static automation and rule-based playbooks. Charlotte Agentic SOAR brings reasoning and coordination to the agentic SOC, where analysts orchestrate AI-powered agents in real time to stop breaches with speed, precision, and control," said Michael Sentonas, President of CrowdStrike.

Charlotte Agentic SOAR allows analysts to use natural language and drag-and-drop controls to connect tools, define operational guardrails, and execute both structured and adaptive workflows without the need for coding. By coordinating native, custom-built, and third-party agents, the system aims to deliver intelligent and coordinated threat prevention, detection, and response.

Evolution of the agentic SOC

CrowdStrike's announcement detailed an enhanced approach to security operations, shifting the role of defenders from manual task execution to orchestrating an ecosystem of intelligent agents. The platform's AI-ready data layer provides context to both human analysts and automated agents, powering what the company terms an "Agentic Security Workforce." New modules also enable organisations to build custom agents without code, managed through the Charlotte Agentic SOAR orchestration system.

Expansion of Agentic Security Workforce

The company has expanded its Agentic Security Workforce with new mission-ready agents tailored to accelerate common security operations tasks. These include the Foundry App Creation Agent, which allows teams to build security applications using natural language instructions; the Data Onboarding Agent, which streamlines data integration for Falcon Next-Gen SIEM; and an updated Exposure Prioritization Agent for continuous vulnerability management.

"If agents are expected to think, reason, and act like an expert analyst, they must be trained on expert experience, not legacy playbooks. That's the difference between static automation and true intelligence - playbooks train automation, people train intelligence. CrowdStrike's agents learn from the world's best SOC operators, giving them the judgment to act autonomously and the discipline to stay under defender command."

This perspective was offered by George Kurtz, Chief Executive Officer and Founder of CrowdStrike, underscoring the company's approach of embedding human judgement into its autonomous agents.

The new mission-ready agents supplement existing modules, aiming to relieve analysts of routine or complex manual tasks and allow greater focus on strategic security decisions. Charlotte AI AgentWorks enables organisations to develop no-code, custom agents, while Charlotte Agentic SOAR provides a control plane for unified agent management across the platform.

XIoT and operational technology focus

Further enhancements to the Falcon platform include Falcon for XIoT, a development targeted at providing zero-touch asset discovery and unified operational visibility within Extended Internet of Things (XIoT) and operational technology (OT) environments. The offering eliminates the requirement for additional hardware or intrusive network scans, helping organisations monitor device communications and segmentation in real time without disrupting critical operations.

"Customers are demanding a single platform to understand risk, unify protection, and eliminate complexity across every attack surface. With these innovations, customers can replace the fragmented tools they've been forced to rely on for too long, accelerating consolidation on Falcon," said Elia Zaitsev, Chief Technology Officer at CrowdStrike.

Falcon for XIoT's main features include automatic identification and inventory of industrial assets across segmented networks, real-time segmentation visibility to detect policy violations, and a dynamic interface that aggregates industrial asset and vulnerability data.
