CrowdStrike has announced a new evolution in security automation with the introduction of Charlotte, described as the industry’s first agentic Security Orchestration, Automation and Response (SOAR) platform. This release introduces an AI security analyst, also named Charlotte, designed to make automation accessible to security professionals of all skill levels.

The platform was developed to address known challenges within the cybersecurity industry, including a skills gap projected to reach four million people. Traditional SOAR tools have been identified as complex, often requiring specialized coding expertise and significant time to build and maintain automation playbooks. These factors present barriers to automation adoption for many organizations.

Charlotte AI: A Natural Language-Powered Analyst

The core of the new platform is Charlotte AI, an analyst that users interact with through natural language. This AI is engineered to investigate alerts, execute response actions, and automate workflows across the CrowdStrike Falcon platform and integrated third-party products via the Falcon Foundry. The technology is powered by CrowdStrike’s proprietary deep learning model, BionicDL.

George Kurtz, co-founder and CEO of CrowdStrike, stated, “Legacy SOAR is dead.” He added that CrowdStrike is reimagining security automation by delivering an AI-native platform that simplifies security operations for every team. The Charlotte agentic SOAR platform comes with hundreds of pre-built, no-code automation workflows, referred to as CrowdApps, to streamline common security tasks.

Democratizing Security Automation

By using natural language prompts, security teams can direct Charlotte AI to discover contextual information from the Falcon platform, automate repetitive tasks, and build complex workflows without writing code. This approach is designed to guide junior analysts through complex investigations and free up experienced security personnel for more strategic initiatives. The stated goal is to lower the barrier to entry for automation and reduce the Mean Time to Respond (MTTR) for security incidents.

Source: https://www.crowdstrike.com/en-us/blog/crowdstrike-leads-new-evolution-of-security-automation-with-charlotte-agentic-soar/