CrowdStrike Unleashes New Agentic, Outcome-Driven AI Innovations to Power the Next Evolution of the SOC

AUSTIN, Texas & SAN FRANCISCO--(BUSINESS WIRE)--RSA 2025 - CrowdStrike (NASDAQ: CRWD) today unveiled Charlotte AI Agentic Response and Charlotte AI Agentic Workflows, marking a leap forward in modern SOC operations. Combined with the previously announced Charlotte AI Agentic Detection Triage, Charlotte AI transcends “ask-and-respond” copilots, delivering autonomous reasoning and action on first- and third-party data. The AI-native CrowdStrike Falcon® platform is now cybersecurity’s intelligent reasoning AI platform, drawing conclusions without human prompts and taking action with bounded autonomy.

Building on Charlotte AI innovation, CrowdStrike extends the power of agentic AI to cybersecurity services. Falcon® Complete Next-Gen MDR with Charlotte AI utilizes the triage decisions of CrowdStrike’s elite analysts to accelerate investigations – creating a powerful, one-of-a-kind feedback loop that supercharges human and AI performance. The winning combination of CrowdStrike’s Charlotte AI agentic model, Next-Gen MDR and CDR, as well as the underlying Falcon platform, delivers the industry’s most advanced AI-native SOC. For the first time, security teams can combine AI-powered real-time detection, expert-informed investigation and automated response within one native architecture. From analyst productivity to full-cycle response, CrowdStrike is redefining how AI protects the modern enterprise.

"There’s a profound difference between adding AI features and fundamentally transforming how cybersecurity works. Charlotte AI goes beyond augmenting humans with suggestions – it actively investigates, reasons and responds autonomously within expert-defined guardrails,” said George Kurtz, founder and CEO of CrowdStrike. “Our agentic AI innovation represents a fundamental shift from reactive to proactive security – furthering CrowdStrike’s mission of stopping breaches.”

New Innovations:

• Charlotte AI Agentic Response: Exponentially increases analyst productivity by automatically asking and answering the investigative questions a seasoned security analyst would pose, accelerating root cause analysis, mapping lateral movement and guiding next steps. This translates to hours of time saved weekly across repetitive alert investigations.

• Charlotte AI Agentic Workflows: Delivered through Falcon Fusion SOAR, these drag-and-drop, LLM-powered workflows enable analysts to insert and activate AI reasoning directly within automated playbooks. For example, a workflow can automatically determine whether a device should be contained based on company policies, then generate appropriate communications for different audiences – executive summaries, technical updates or customer advisories – with automatic translation for global teams.

• Falcon Complete with Charlotte AI: Falcon Complete Next-Gen MDR analysts now leverage Charlotte AI to triage alerts and accelerate analysis, combining expert human oversight with intelligent automation to stop breaches more efficiently.

• Charlotte AI Agentic Detection Triage for Identity: Now extended to Falcon® Identity Protection, allowing analysts to prioritize and act on high-risk identity threats alongside endpoint and cloud alerts, reducing noise and surfacing real attacks faster.

Expanded Protection Across the Digital Estate

CrowdStrike also announced new Falcon platform capabilities that extend protection across critical infrastructure and enhance organizational resilience:

• Falcon® for XIoT with ExPRT.AI: Now validated by 12+ leading ICS vendors, this solution delivers real-time, adversary-driven risk insights, enabling organizations to focus on actively exploited vulnerabilities to protect operational technology and IoT systems without disruption.

• CrowdStrike Pulse Services: New expert-led services help security teams operationalize agentic AI through modular engagements that assess readiness, align workflows and fine-tune policies, accelerating security maturity with targeted guidance.

To learn more about CrowdStrike’s latest AI innovations:

• Visit booth N-6144 at RSA
• Read our blog

About CrowdStrike

CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

Learn more: https://www.crowdstrike.com/
Follow us: Blog | Twitter | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/

© 2025 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.