Tech News and Analysis

DR Technology

Meet Charlotte, CrowdStrike's New Generative AI Assistant

Charlotte AI is the latest security-based generative AI assistant to hit the market.

CrowdStrike is jumping on the generative artificial intelligence (AI) bandwagon, as the company tests out its own generative AI securityassistant, known as Charlotte AI .

Charlotte AI is designed to answer such questions as whether a system is vulnerable to a specific vulnerability, and to provide recommended action items, the company said. It can also be prompted to find malicious activity, such as lateral movement across Windows machines. The goal is to provide less experienced IT and security professionals with the information they need about their environments and security posture in order to make better decisions faster.

Example questions include:

  • "Do we have vulnerabilities involving Microsoft Outlook?"
  • "What are the biggest risks facing our business critical assets?"
  • "Are we protected against the Log4j vulnerability? Where are we at risk?"
  • "Which threat actors target us?"
  • "What are the critical vulnerabilities being exploited by these adversaries?"
  • "Can you sweep my endpoint estate for any IOCs you found?"
  • "What are the top recommended remediation actions for the impacted endpoints?"

CrowdStrike said the AI model is trained on the company's trove of security events data, threat intelligence on hacking groups and ongoing attacks, and telemetry collected from users, devices, and cloud workloads. The "continuous feedback loop on human-validated content" includes CrowdStrike Falcon OverWatch managed threat hunting, CrowdStrike Falcon Complete managed detection and response, CrowdStrike Services, and CrowdStrike Intelligence.

In recent months, several companies — Microsoft and Google included — have incorporated generative AI assistants into their security platforms. These assistants offer security analysts a way to query large amounts of security data using natural language and make correlations among different data sources. In this sense, Charlotte AI provides a natural language interface to the Falcon platform so that security analysts, "regardless of experience level or organization size, [can] be a power user of the Falcon platform," the company said.

Charlotte AI is currently available in a limited, private customer preview only. The company did not provide a timeline for a broader rollout.