CrowdStrike is launching a private customer preview of its own generative AI solution which it calls Charlotte AI, essentially an AI assistant for the company’s CrowdStrike Falcon platform designed to help any user of the platform become a power user.
According to the Austin, Texas-based cybersecurity giant, Charlotte AI lets customers ask natural language questions and receive answers from the Falcon platform, enabling anyone from the IT helpdesk to CIOs and CISOs ask questions to help secure their organizations.
CrowdStrike’s cybersecurity generative AI assistant
CrowdStrike says Charlotte AI initially addresses three main use cases: democratizing cybersecurity and giving every user the same capabilities, elevating IT and security productivity with AI-powered threat hunting, and automating repetitive tasks like data collection, extraction and detection.
Users can ask Charlotte AI questions such as “What is our risk level against the latest Microsoft vulnerability?” to directly gain actionable insights to inform decision-making and accelerating time to response.
Like other generative AI applications, Charlotte AI will also help level the playing field and give less experienced IT and security professionals the ability to make better decisions faster, essentially narrowing the cybersecurity skills gap and reducing response time.
According to CrowdStrike, Charlotte AI will leverage CrowdStrike’s data, including the trillions of security events captured in the CrowdStrike Threat Graph, asset telemetry from across users, devices, cloud workloads and the company’s threat intelligence research.
In addition, Charlotte AI will benefit from “a continuous, human feedback loop” from Across CrowdStrike Falcon OverWatch managed threat hunting, CrowdStrike Falcon® Complete managed detection and response, CrowdStrike Services, and CrowdStrike Intelligence.
In a statement, CrowdStrike President Mike Sentonas said CrowdStrike has pioneered the use of AI in cybersecurity to identify malicious behavior and combat advanced attacks. Charlotte AI is the next innovation that will help users of all skill levels improve their ability to stop cyberattacks and reduce complexity, he adds.
“Our approach has always been rooted in the belief that the combination of AI and human intelligence together will transform cybersecurity,” Sentonas said. “We believe our continuous feedback loop on human-validated content is critical, and because of this, no other vendor will be able to match the security and business outcomes of CrowdStrike’s approach to generative AI.”
Charlotte AI in action
In a blog post, CrowdStrike lists several examples of questions users can ask, including:
- “Do we have vulnerabilities involving Microsoft Outlook?”
- “What are the biggest risks facing our business critical assets?”
- “Are we protected against the Log4j vulnerability? Where are we at risk?”
- “Which threat actors target us?”
- “What are the critical vulnerabilities being exploited by these adversaries?”
- “Can you sweep my endpoint estate for any IOCs you found?”
- “What are the top recommended remediation actions for the impacted endpoints?”
Other questions can prompt Charlotte AI to find malicious activity, such as lateral movement involving Windows hosts, the company says.
CrowdStrike, AWS AI partnership
The private preview of Charlotte AI came a day before CrowdStrike and AWS announced that the companies are working on new generative AI applications to help companies accelerate their cloud, security and AI journeys.
CrowdStrike will be leveraging new generative AI applications of Amazon Bedrock, a fully managed service that makes foundational models from leading AI startups and Amazon available via an API, to help customers adopt advanced Falcon Platform search, reporting and automation, the companies say.
In fact, Amazon Bedrock was used to accelerate development of Charlotte AI, according to CrowdStrike.
In addition, the companies are also working on solutions to help keep customers safe across a range of AI and ML services as generative AI rapidly transforms the tech industry.
According to CrowdStrike, the company is extending the protection of CrowdStrike Falcon Cloud Security to AWS AI/ML services by providing native integrations designed to further prevent, identify and remediate security risks associated with the adoption of AI/ML.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply