CrowdStrike's Falcon Release Integrates Generative AI and XDR Capabilities

By Greg Tavarez

Cybersecurity has traditionally relied on methods such as firewalls and antivirus software, which primarily utilize predefined rules and known threat patterns. The harsh reality is that these approaches are no longer sufficient because modern adversaries constantly adapt and refine their tactics, making them difficult to detect using static, rule-based systems.

As the digital landscape evolves, so does the arsenal of cybercriminals, who are increasingly adept at exploiting vulnerabilities and evading traditional security measures.

To counter this threat, the field of cybersecurity has turned to technologies like AI and machine learning. CrowdStrike, a cybersecurity provider, is set to introduce a new iteration of its CrowdStrike Falcon platform that integrates generative AI and XDR capabilities to help organizations respond faster and more effectively to complex cyber threats.

The CrowdStrike Falcon platform leverages real-time indicators of attacks, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver accurate detections, automated protection and remediation, threat hunting and prioritized observability of vulnerabilities.

The platform update, known as the Raptor release, is powered by the same technology underpinning CrowdStrike's Next-Gen SIEM offering, Falcon LogScale. This release aims to give customers the ability to collect, search and store data at petabyte scale with speed, positioning them to leverage generative AI in their cybersecurity efforts. The goal is to effectively combat the ever-evolving tactics of adversaries and thwart breaches.

The Raptor release boasts several key features. These include an AI-powered Incident Creator named Charlotte AI Investigator, designed to streamline incident creation and investigation through automation.

CrowdStrike also extends XDR capabilities to all EDR customers, facilitating accelerated investigations through comprehensive telemetry from across the CrowdStrike platform. The release offers a fast user experience for EDR/XDR with the XDR Incident Workbench and enables real-time collaboration among security analysts through the Collaborative Incident Command Center.

Additionally, the Raptor release amplifies CrowdStrike's generative AI cybersecurity analyst, Charlotte AI. In a private customer preview, Charlotte AI introduces the capability for customers to ask natural language questions in multiple languages and receive intuitive answers from the Falcon platform. Charlotte AI leverages CrowdStrike's rich human-validated content, incorporating high-fidelity security data and insights gathered from trillions of security events. These insights are continually enhanced through a human feedback loop involving CrowdStrike's Counter Adversary Operations and Managed Services threat intelligence and hunting experts.

“Security is a data problem at its core,” said Mike Sentonas, president of CrowdStrike. “CrowdStrike pioneered how cloud-scale data, behavioral AI, and automation can be effectively used to stop breaches that evaded legacy solutions. With the Raptor release, customers can take advantage of data and AI with the speed needed to defeat sophisticated adversaries.”

The “Raptor” release is scheduled to roll out to all CrowdStrike Falcon users over the next year, with initial updates commencing in late September 2023.




Edited by Alex Passett