CrowdStrike has introduced a groundbreaking agentic security workforce across the CrowdStrike Falcon platform, redefining how security operations are executed. This expansion brings two major innovations: mission-ready agents embedded within Falcon modules and Charlotte AI AgentWorks, a no-code platform designed to transform every security team into AI builders. Together, these advancements enable organizations to automate repetitive tasks, accelerate critical outcomes, and allow analysts to focus on strategic decision-making that strengthens defenses.
The new capabilities are powered by the Falcon Agentic Security Platform, unveiled as the foundation for the agentic SOC (Security Operations Center).
“Our vision is that every security analyst will be in command of an agentic security workforce that eliminates the time-consuming and repetitive tasks better suited for machines,” said Michael Sentonas, president of CrowdStrike. “We started with seven of the most common and high-impact workflows, embedding the expertise of Falcon Complete analysts into agents that reason, decide, and act with the judgment of an elite analyst at machine-speed. And with Charlotte AI AgentWorks, customers can go further, building and customizing their own agents to extend these capabilities into the unique workflows of their environment.”
Mission-Ready Agents: Streamlining Security Workflows
Unlike traditional tools, the agentic SOC represents a workforce of AI-powered agents operating at machine speed under full defender control. CrowdStrike’s first fleet of agents, powered by Charlotte AI, is designed to manage essential security workflows and reduce manual workloads. Integrated into Falcon modules and informed by millions of real-world decisions from Falcon® Complete Next-Gen MDR, these agents extend the value of the Falcon platform by scaling expertise and expediting investigations.
Also Read: CrowdStrike Secures AI’s Future Across the Enterprise
The initial lineup of mission-ready agents includes:
-
Exposure Prioritization Agent (Falcon Exposure Management): Automates vulnerability triage to shrink backlogs and prioritize remediation.
-
Malware Analysis Agent (Falcon Threat Intelligence): Analyzes files, maps malware families, and generates YARA rules for proactive defense.
-
Hunt Agent (Falcon Threat Intelligence): Conducts proactive threat hunting and continuous scans for emerging risks.
-
Search Analysis Agent (Falcon Next-Gen SIEM): Summarizes and interprets query results within seconds.
-
Correlation Rule Generation Agent (Falcon Next-Gen SIEM): Suggests and fine-tunes detection rules for complex threats and insider risks.
-
Data Transformation Agent (Falcon Next-Gen SIEM): Normalizes and translates data across tools to prevent automation delays.
-
Workflow Generation Agent (Falcon Next-Gen SIEM): Converts natural language into automated workflows in Falcon Fusion, with no coding required.
Charlotte AI AgentWorks: Empowering Teams to Build and Customize Agents
In addition to pre-built agents, CrowdStrike now empowers customers to design their own. Charlotte AI AgentWorks allows security teams to build, test, and deploy custom agents directly in the Falcon platform using natural language commands. The no-code platform eliminates complexity while ensuring enterprise-grade governance and security, turning every team into an orchestrator of AI-driven defense.
Agentic Workforce with Analyst-Level Judgment
Trained on millions of expert SOC decisions from Falcon Complete Next-Gen MDR, this AI-powered workforce combines reasoning, oversight, and guardrails. Analysts can collaborate with agents in real time, scaling expertise across their environments and centralizing agentic defense within the Falcon platform to accelerate investigations and enhance outcomes.
Expanding Defense Through Agentic Collaboration
Charlotte AI also enables secure collaboration with third-party agents from trusted partners, including Abnormal AI, Corelight, ExtraHop, Google, GreyNoise, Proofpoint, Rubrik, Salesforce, ServiceNow, Zscaler, and others. This integration extends agentic defense across enterprise ecosystems, with Charlotte AI serving as the central command plane for human–machine and multi-agent collaboration.
