Today, with more than 4,500 customers and partners joining us at Fal.Con, the industry’s premier cybersecurity event, I was excited to unveil a host of powerful innovations that will unlock the power of generative AI and generative workflows, give customers more speed and intelligence to combat the adversary, and disrupt the legacy security market that has failed to deliver.
Since I founded CrowdStrike in 2011, we’ve reshaped and revolutionized our industry by focusing on the security outcomes that customers need most: stopping breaches. While this may seem like a simple concept, in 2011 everyone was focused on stopping malware. But we knew customers didn’t have a malware problem, they had an adversary problem. Stopping the adversary was how we were going to stop breaches.
While malware is noisy and easy to detect, the adversary isn’t. The answer to finding and stopping the adversary is data. At its core, security has always been a data challenge. But finding the faint signal of adversary activity hidden in trillions of data points is a significant challenge.
Solving the problem would require an incredibly powerful data platform, with a cloud-native architecture that could scale to handle massive volumes of data and a single agent that could serve as the chassis for ingesting data into the platform. It would require artificial intelligence (AI) and machine learning built in at the core to speed detection, rapidly surface hidden threats and drive automation to simplify complex tasks.
This was the foundation of the CrowdStrike Falcon® platform we built in 2011. We used the platform to first solve the challenge of endpoint security, disrupting the industry. And the architectural brilliance of the Falcon platform is as powerful today as it was then. It’s this architectural advantage that allows us to continually solve new problems as the adversary evolves. It’s this foundation that allows us to solve use cases and problems customers didn’t even know they had in 2011.
That’s why I’m excited to share the innovations that will bring us into the future — together at Fal.Con.
Preparing for the Tectonic Shift of Adversarial AI
There are moments of technology innovation, like the introduction of the internet or the iPhone, where we know the world is about to change. For many of us, generative AI is one of these moments. It holds unlimited possibilities but also creates risks the security industry will face before the rest of the world realizes the challenge.
I call it adversarial AI, and it will bend the time and knowledge gap for the adversary. I believe we’ll continue to see the time scales of breaches become more compressed: breakout time, vulnerability weaponization and malicious code development will happen faster than ever before. The barrier to entry for an adversary will continue to be lowered. As a result, we’ll see the volume, sophistication and speed of attacks rise. This is the future threat we’ll face together.
But just like generative AI can be used for malicious purposes, it will also serve as a powerful tool for defenders, helping them elevate their skills, save time and gain speed. CrowdStrike will lead the industry forward and put the power of generative AI into the hands of its customers.
Charlotte AI: Generative Workflows for Better Outcomes
At Fal.Con, we’re excited to show the world the power of Charlotte AI. We believe generative AI should be about generative workflows. It should make defenders better and faster and rapidly surface the information they need to make smarter decisions.
The security industry is beset with busy work. Reading intelligence reports, filtering data and chasing down vulnerabilities are time-consuming and can be daunting. A 10-hour day can be filled with mundane tasks like these — and every hour spent reading a report is one less hour you have to fight the adversary.
Generative workflows created by Charlotte promise to turn an 8-hour day of activity into 8 minutes. We want security professionals to have a conversation with Charlotte, get contextualized information they need, create workflows and go after the adversary. For example, it will condense thousands of pages of Intelligence reports into the insight you need to make better, faster decisions. It’ll also help you with your work, hunting for signs of adversary activity, creating remediations, identifying exposure to vulnerabilities and more. I’m excited for everyone to see Charlotte in action.
Platform Innovations to Power the Future
We also unveiled a number of platform innovations that will make customers faster at hunting and investigations and unlock the full potential of their creativity. The Falcon platform is the most powerful data platform in the cybersecurity world. Now, we’re making it even more powerful by upgrading the platform with the same technology as our next-gen SIEM offering, CrowdStrike® Falcon LogScale™.
This platform release will give customers petabyte-scale, lightning-fast data collection, search and storage. All CrowdStrike EDR customers now get native XDR to accelerate investigations with comprehensive endpoint, identity, cloud and data protection telemetry from across the CrowdStrike platform. Our new XDR Incident Workbench will accelerate investigation and response times with a completely reimagined user experience for EDR/XDR, designed around incidents, not standalone alerts. And with a new collaborative incident command center, customers can work incidents in real time with security analysts from any location, at any time, from a unified source of truth. It will fuel the next era of generative AI-powered cybersecurity innovations to keep customers ahead of rapidly evolving adversary tradecraft and stop breaches.
We also want to put the power of the platform into your hands. The Falcon platform has the best architecture to collect data, evaluate it and take action at scale. We have the best security data and the best automation. We’re opening this up to launch cybersecurity’s first no-code application development platform: CrowdStrike Falcon® Foundry. Customers and partners will be able to use the Falcon platform architecture advantage to build applications that solve their own specific use cases. I want customers to use our data, our automation and our AI advantage to harness their creativity.
CrowdStrike: Disrupting Legacy Markets
At Fal.Con this year, we’re also releasing and showing the world three powerful new modules we believe will rapidly become the industry standard for protection:
CrowdStrike Falcon® Data Protection: This new innovation is the direct result of insight, input and feedback from our design partners. Falcon Data Protection stops data theft with dynamic data protection policies that automatically follow content, even as it moves across files or SaaS applications, to protect data as it’s being copied or shared.
CrowdStrike Falcon® Exposure Management: Customers can stop breaches before they start by proactively reducing an adversary’s opportunity for compromise and lateral movement. Falcon Exposure Management provides full visibility into every asset and real-time assessment of potential exposures, prioritization of issues and integrated responses. IT and security teams can focus on resolving the small number of problems that most effectively stop breaches — not a stream of low-priority fixes.
CrowdStrike Falcon® for IT: With the new Falcon for IT, teams can consolidate all critical IT and security workflows in an end-to-end lifecycle powered by Charlotte AI. Falcon for IT enables comprehensive visibility across the IT environment. Teams can use their existing agents for real-time queries and continuous monitoring of IT processes to view system asset utilization, compliance status, running services and performance reporting. With this data, IT can work with security to quickly act on issues like missing patches and outdated policies.
For more information on these latest innovations, please read the companion blog from our chief product officer, Raj Rajamani.
Delivering the Industry’s Most Complete Code-to-Runtime Cybersecurity Platform
Today at Fal.Con, we announced an agreement to acquire Bionic, a pioneer of application security posture management (ASPM). This will give our customers the most seamless and comprehensive view of cloud risk — from code development through runtime — in a single, unified platform.
The cloud is cybersecurity’s new battleground. CrowdStrike is delivering the protection customers need to address the entirety of their cloud risk, from code development to infrastructure and applications.
This is an exciting moment for CrowdStrike and our customers as we extend our cloud security leadership position. For more information on the news, read the companion blog by CrowdStrike president Mike Sentonas.
There is so much that happened at Fal.Con this year! If you weren’t able to join us in person, we encourage you to check out the on-demand broadcasts.