Crowdstrike has expanded the automation capabilities of its Falcon platform, which has added agentic with agentic security workforce. In this way, now the company’s customers have the possibility of using autonomous functions to automate repetitive tasks in two ways: with the agents of the Falcon modules and with the non-code Charlotte Ai Agentworks platform.
Falcon Agentic Security is, for Crowdstrike, his base of the Autonomous Soc, as the Boreral forces driven by AI but controlled by a professional. The first fleet of Crowdstrike agents, driven by Charlotte AI, is designed to manage critical security workflows, in addition to automating tasks.
Available within the Falcon modules, and based on the real decisions of Falcon Complete Next-Gen MDR, these agents allow to climb the experience and accelerate the analysis. Among these agents are Exposure Prioritization Agent (Falcon Exposure Management), which is responsible for automating the prioritization of vulnerabilities, which reduces delays and focuses the remediation on exploitable risks.
It also includes malware Analysis Agent (Falcon Threat Intelligence), which analyzes files, classifies malware families and generates Yara rules, which allows to prepare a defense at the family level instead of doing it file per file per file. Hunt Agent (Falcon Threat Intelligence) automates the proactive search for threats, for which he analyzes continuously in search of emerging risks, and Search Analysis Agent (Falcon Next Gen Siem) summarizes and interprets results of consultations in seconds.
With correlation rule generation agent. Finally, Workflow Generation Agent (Falcon Next Gen Siem) converts natural language into automated workflows in Falcon Fusion without the need for programming.
In addition to these agents announced by Crowdstrike, the company’s customers can also create and deploy their own, thanks to Charlotte Ai Agentworks, which through natural language allows us to define the mission of the agents, as well as the data they will use and their behavior. All without the need for program. Neither for the creation of agents nor for their test or deployment. They are launched directly on the Falcon platform, with security and governance at the company level.
Charlotte ai can connect and collaborate safely with external partners agents such as ABNORMAL AI, Corelight, Extrahop, Google, Graynoise, Proofpoint, Rubrik, Salesforce, Servicenow or Zscaler. All platform customers will have access to Charlotte AI, including new agents. Of course, with limited monthly credits.
Michael Sentonas, President of Crowstrikehe has offered some more details about these novelties, and highlights that they have started «With seven of the most common and greatest impact workflows, incorporating the experience of Falcon Analysts complete in agents that reason, decide and act with the criteria of an elite analyst, but at machine speed. And with Charlotte Ai Agentworks, customers can go further, creating and personalizing their own agents to extend these capacities to specific workflows of their environment ».
