CrowdStrike unveils Charlotte AI to boost cybersecurity

CrowdStrike has introduced Charlotte AI Detection Triage, a new feature designed to enhance security operations through the use of artificial intelligence.

Charlotte AI Detection Triage is set to provide a noticeable improvement in security operations, offering an accuracy rate exceeding 98% while reducing labour by eliminating over 40 hours of manual triage each week.

The system is developed to assist Security Operations Centre (SOC) teams in managing the increasing sophistication of cyber threats.

Charlotte AI autonomously handles the analysis, prioritisation, and summarisation of security detections. This facilitates the differentiation between genuine threats and false positives swiftly. Despite its autonomy, it incorporates safeguards to ensure that human oversight of AI-driven decisions remains, giving security teams definitive control over when and how automated actions are deployed.

The development of Charlotte AI is part of CrowdStrike's collaboration with its Falcon Complete Next-Gen Managed Detection and Response (MDR).

It is touted as a sophisticated application, trained on millions of real-world triage decisions that blend artificial intelligence with human expertise to perform SOC triage at a speed unattainable by purely human efforts.

The need for such innovations is underscored by the increasingly rapid pace of attacks, enabled in part by adversaries leveraging AI technologies themselves. The pressing concern over breakout times shrinking to mere minutes highlights the importance of such a system that can help alleviate the burden on security analysts, enabling them to focus on authentic, high-priority threats rather than false alerts.

Charlotte AI is equipped with specific attributes that differentiate it from other AI models, as it utilises CrowdStrike's proprietary data set founded on years of Falcon Complete triage decisions.

This exclusive dataset allows the AI to deliver accurate threat detections replicating real adversarial tactics.

The system is engineered to sustain a model of bounded autonomy, where security teams can establish specific parameters for when AI-driven actions take place, ensuring that the human role remains integral to the oversight of these automated processes.

Elia Zaitsev, Chief Technology Officer at CrowdStrike, commented on the significance of this new development: "Charlotte AI Detection Triage represents the next leap forward in agentic AI innovation, uniting the power of AI and the precision of human expertise to define tomorrow's SOC."

"As attacks grow more sophisticated and faster, security teams need AI-driven solutions that deliver measurable operational impact. Charlotte AI enables defenders to move faster with greater accuracy — while ensuring SOC teams maintain full control. This is the future of AI in cybersecurity — one that accelerates response, enhances productivity and helps organisations stay ahead of evolving threats."

Charlotte AI Detection Triage is now available for the enhancement of security operations, promising to bring a beneficial shift in how organisations tackle cyber threats while ensuring AI-driven processes remain under human supervision and control.