CrowdStrike has introduced the generative AI tool Charlotte AI. It allows users to intelligently “query” the CrowdStrike Falcon platform and perform faster analysis on potential threats and find solutions.
CrowdStrike has been integrating AI into its Falcon platform for some time, but is now taking it a step further with Charlotte AI. It is an advancement especially in how it will let end users more easily use analytics to discover new, sometimes hidden, threats.
Charlotte AI functionality
Charlotte AI is a generative AI-based analytics tool that allows end users to query the most sensitive and trusted security data. It allows security experts to detect and stop potential breaches and malware without adding unnecessary complexity to the work.
The generative AI tool allows them to submit inquiries to the CrowdStrike Falcon platform. To these, they then receive intuitive answers back from the platform.
In addition, the tool helps automate repetitive (manual) tasks. Think data collection, extraction and simple threat search and detection. It also enables them to perform more advanced security work.
Input underlying AI model
Underlying the generative AI tool are three main data streams that collectively form the underlying LLM AI model. First, this is CrowdStrike Intelligence data that tracks more than 200 cybercriminals in their “modus operandi” and tactics.
The second data stream is fed by the large amount of security telemetry generated by XDR’s own CrowdStrike Falcon platform and from third-party vendors. The data includes telemetry from secure environments and individual assets, data on known vulnerabilities and policy control data.
Charlotte AI from CrowdStrike is currently being tested by a number of customers.