CrowdStrike Unveils Agentic AI Platform to Revolutionize Cybersecurity

CrowdStrike bets on agentic workforces to outpace AI-driven adversaries

"The legacy SOC as we know it can't compete. It's turned into a modern-day firefighter," warned CrowdStrike CEO George Kurtz during his keynote at Fal.Con 2025, underscoring the urgency enterprises face in adopting autonomous security to survive an escalating cyber arms race. The onslaught of adversarial AI tradecraft is forcing the cybersecurity industry to reinvent itself at machine speed. The intensifying pressure to meet those challenges is creating an unprecedented turning point comparable to the advent of firewalls or the launch of the iPhone. At Fal.Con 2025, CrowdStrike seized the moment by unveiling its Agentic Security Platform, designed around autonomous AI agents. "The customer response has been overwhelming," Kurtz noted in a post-event interview with VentureBeat. "From my perspective, the takeaway is how excited customers are, and just to hear the feedback on how important we are in their own organizations, how customers want to do more, and how they want to consolidate with CrowdStrike. The general consensus was the innovation, the pace of innovation, they were very impressed with." Strategic partnerships with industry giants Nvidia, Salesforce and Meta amplify this pivot, positioning CrowdStrike squarely at the center of an information security market projected to soar to $293.9 billion by 2028. Despite predicted double-digit compound annual growth rates for cybersecurity spending in general and SOC investments specifically, SOCs are facing an existential challenge moving faster and with more lethality than predicted. Kurtz's keynote included examples of how traditional Security Operations Centers (SOCs) are becoming obsolete in the face of AI-driven threats. Generative AI (gen AI) is already well-weaponized and compressing the time SOCs have to respond. Mike Sentonas, CrowdStrike president, began his keynote with compelling data that underscored how cybersecurity defenses are being challenged in new ways that defy easy identification and containment. Both Kurtz's and Sentonas' keynotes provided compelling data showing how organizations clinging to legacy defenses face severe exposure unless they urgently embrace agent-driven defenses that operate at AI speed. The event itself generated positive industry feedback, with Kurtz noting customer comments that "this was the best security conference they went to for the entire year." The company cited practitioner-focused attendance as a differentiator from larger industry events. Agentic AI ushers in a new security operating model CrowdStrike's introduction of the Agentic Security Platform represents a significant leap forward in the company's platform strategy. Their ability to innovate at scale is among the fastest in the industry, specifically in the areas of integrating AI and gen AI into their platform via new modules, services, and enhancements. Central to this evolution is CrowdStrike's recent strategic acquisition of Pangea for approximately $260 million, enabling the industry's first fully integrated AI Detection and Response (AIDR) solution. CrowdStrike's Agentic Security Platform introduces four distinct innovations that fundamentally change enterprise security operations: * Enterprise Graph Integrates telemetry from endpoints, identities, cloud, and SaaS environments into a unified, AI-ready data model optimized for real-time threat detection and response. * Charlotte AI AgentWorks Empowers security teams with the industry's first no-code platform for creating, testing, and orchestrating trusted autonomous security agents. * Agent Collaboration Framework Built upon the Model Context Protocol (MCP), this capability positions Falcon as the core operational hub of an autonomous agent-driven ecosystem. * AI-Powered Console Provides analysts with a natural-language interface, instantly transforming complex data streams into actionable intelligence. "When I started the company, it was to be a platform company. You can't be a platform on your own. Obviously, you need a diverse ecosystem," Kurtz explained during the interview. "We believe our philosophy is you have to be open and not close, and that's much different than what our competitors have." When asked about their development velocity, Sentonas explained the architectural advantage: "You have one sensor, you have one platform. That sensor collects data and puts it into one graph. Every other team gets benefit from that." Kurtz added: "When we come out with a new module, for the most part, it's a workflow. So we've built collection capabilities. So 75% to 80% of the work is already done. All we're now doing is building the experience and the workflow, and that's why we can move so quickly." During the keynote, Kurtz emphasized the shift represented by autonomous AI agents: "AI agents, to me, look a lot like a human. They have an identity, workflow, resources, data access; some companies even assign them employee IDs." Rather than promising dramatic AI transformation, the company emphasizes cumulative benefits. "I look at AI as the ability to compound," Kurtz explained. "You have to look at it as a compounder. Can you save 20 minutes here? Can you save 15 minutes there? Can you save costs there? And when you start to add it all up, sometimes people want a big bang, and it's like, you don't need a big bang, you just need to add all this stuff up and then it compounds over time." The shift isn't theoretical. Canalys research confirms that CrowdStrike partners generate up to $7 in additional service revenue for every $1 invested by customers into the Falcon platform, establishing the highest cybersecurity ecosystem multiplier ever documented. Falcon Next-Gen SIEM is central to this growth, enabling partners to expand their managed services portfolios rapidly. Strategic partnerships amplify CrowdStrike's AI security dominance CrowdStrike's ecosystem-driven approach is especially evident through transformative partnerships. "You can't be a platform on your own," Kurtz emphasized in yesterday's VentureBeat interview. "Our philosophy is open, not closed, and that's why partners tell us this is the most productive event they attend. We want them to be successful, because if they're successful, we are too." * Nvidia. Charlotte AI AgentWorks seamlessly integrates with Nvidia Nemotron models, allowing security analysts to rapidly create customized no-code security agents, establishing the foundations of a completely autonomous SOC. * Salesforce. Embedding Falcon Shield into Salesforce Security Center and integrating Charlotte AI with Salesforce's Agentforce platform empowers businesses to trace AI agent behavior to human creators directly, rapidly identify threats, and automate containment actions. * Amazon Business Prime. Perhaps most notably, CrowdStrike now democratizes enterprise-grade cybersecurity for SMBs. Amazon Business Prime members gain complimentary access to Falcon Go, a significant savings of $59.99 annually per device, addressing the stark reality that 89% of SMBs remain vulnerable to advanced ransomware attacks due to limited AI-driven security adoption. "Make partners successful. If they're successful, we're successful," Kurtz emphasized. The approach has proven effective, with partners saying "it's the most productive event they go to, because our customer base, they're all here, and a lot of our partners want our customers to be their customers." Pangea acquisition completes the AI security stack CrowdStrike's acquisition of Pangea reflects how the company continues to prioritize securing the entire AI lifecycle. Kurtz explained the necessity clearly: "AI is rapidly reshaping the enterprise attack surface, every prompt is a potential entry point". Pangea provides protection against prompt-injection attacks with efficacy that scales up to what enterprises need, including up to 99% accuracy and sub-30ms latency. Kurtz and Sentonas, throughout their keynotes, doubled down on how their platform vision centers on offering visibility, governance, and control over AI interactions for every customer. Sentonas reinforced that clarity on cost is central during an interview with VentureBeat this week. "The great news is a lot of the things we've shown are not things you need to go and buy. Innovation is built into the platform, part of the subscription model. We're always clear what's included, what's new, and where Flex applies." Addressing enterprise cost concerns about agentic AI adoption, the executives emphasized transparency. "Customers want to know where they are in their journey, what they have left," Kurtz acknowledged. Sentonas added that "a lot of the things that we've shown are not things that you need to go and buy. Some will be, of course, but I would argue that [the products'] ability to save you money is going to far outweigh the outlay to buy the product." A key driver behind CrowdStrike's platform success is Falcon Flex, which addresses customer procurement fatigue and consolidation desires. This approach highlights CrowdStrike's focus on platform consolidation rather than point solutions, supported by a steady pace of innovation through both internal development and strategic acquisitions. Despite technological capabilities for faster releases, CrowdStrike has adopted a measured approach. "We've gone back to a fall and a spring release, because customers can't deal with more than two a year. They just can't," Kurtz noted. "There needs to be a cadence." Oliver Friedrichs, CEO and founder of Pangea, emphasized the strategic alignment: "Joining CrowdStrike enables us to fulfill our vision at a global scale, unifying AI security with Falcon to deliver the industry's first truly comprehensive AI Detection and Response solution." Meta collaboration defines AI security benchmarks CrowdStrike's collaboration with Meta introduces CyberSOCEval, the first open-source benchmark framework designed to evaluate AI performance in realistic security scenarios. Built on Meta's open-source CyberSecEval foundation and enriched by CrowdStrike's threat intelligence and cybersecurity AI data expertise, CyberSOCEval rigorously tests large language models (LLMs) across critical SOC workflows, including incident response, malware analysis, and threat comprehension. The benchmarks are built on real-world adversarial techniques combined with expert-designed security reasoning scenarios to gauge AI model performance under operational pressure accurately. "When two leaders like CrowdStrike and Meta come together, it's larger than collaboration, it's about setting the direction of cybersecurity for the AI era," said Daniel Bernard, Chief Business Officer at CrowdStrike. Vincent Gonguet, Director of Product, GenAI at Meta added, "At Meta, we're committed to advancing and maximizing the benefits of open-source AI, especially as large language models become powerful tools for organizations of all sizes. Our collaboration with CrowdStrike introduces a new open-source benchmark suite to evaluate the capabilities of LLMs in real-world security scenarios." Going all-in on creating a data moat unmatched by competitors CrowdStrike's competitive differentiation is anchored in its unmatched data foundation created by processing trillions of security events daily, enriched by a decade's worth of annotated threat intelligence. Kurtz referred to this advantage as the "Reddit of security data." CrowdStrike emphasizes its data advantage as a key differentiator, though competitors with their own large threat intelligence datasets are also investing heavily. With seven pre-built autonomous security agents available immediately, CrowdStrike continues to look for new areas to embed that expertise into agentic workflows, enabling machine-speed threat response and decision-making. As CrowdStrike president Michael Sentonas stated clearly during the keynote, "Every analyst will command an agentic workforce, freeing humans from repetitive tasks better executed by machines." Autonomous security is becoming table stakes for SOCs to stay secure CrowdStrike's Fal.Con 2025 announcements signify a fundamental shift rather than incremental change. The integration of autonomous AI agents across the Falcon platform, amplified by strategic partnerships, positions itself to reset the competitive baseline, though rivals are also pursuing autonomous AI capabilities. Taken together their many announcements this week are directly challenging rivals including Palo Alto Networks, Microsoft, SentinelOne and others, each of which are also investing heavily in autonomous cybersecurity capabilities. This transformation addresses an accelerating gap between adversary capabilities and traditional defenses. Mike Sentonas, CrowdStrike's President, highlighted the stakes clearly: "The real question isn't whether AI will transform cybersecurity, that's already happening. The urgent question is whether defenders can adapt faster than adversaries." CrowdStrike's vision positions security analysts not merely as responders, but as orchestrators commanding an army of AI-powered agents capable of operating autonomously and decisively at machine speed. The strategic imperative for enterprises is clear: embrace autonomous security now or risk falling irreversibly behind. With adversaries leveraging generative AI to automate attacks and accelerate exploitation from months to minutes, autonomous, agent-driven defenses have become table stakes. As Kurtz emphasized at Fal.Con 2025, "We're moving from the analyst's hands on the steering wheel to autonomous actions that are effective, safe, and reliable. We need full autonomy; it's not optional, it's foundational."

How Salesforce and CrowdStrike boost agentic enterprise security - SiliconANGLE

Inside Salesforce and CrowdStrike's plan to secure modern enterprises As artificial intelligence, automation and digital platforms reshape markets, the need for an agentic enterprise -- one that can anticipate, respond and adapt faster than rigid legacy structures -- has never been more urgent. To meet that need, Salesforce Inc. and CrowdStrike Holdings Inc. have joined forces to bring trust and security into sharper alignment. Salesforce focuses on embedding trust across its platform, while CrowdStrike strengthens enterprise defenses with AI-powered threat detection and real-time resilience, according to Marla Hay (pictured, right), senior vice president of product management at Salesforce. "Our customers are really in the midst of a transformation into becoming agentic enterprises," Hay said. "Security and trust are really at the foundation of becoming an agentic enterprise, and we are absolutely thrilled to be partnering with one of the industry leaders in security in order to help provide our customers and our security tools with CrowdStrike security tools, the ability to have a holistic picture of their environment and their ecosystem in order to create that trusted foundation for an agentic transformation." Hay and Daniel Bernard (left), chief business officer of CrowdStrike, spoke with theCUBE's Dave Vellante and Rebecca Knight at Fal.Con, during an exclusive broadcast on theCUBE, SiliconANGLE Media's livestreaming studio. The conversation focused on how the two companies aim to accelerate the shift toward the agentic enterprise. (* Disclosure below.) Salesforce and CrowdStrike's partnership aims to accelerate secure digital transformation and support the rise of the agentic enterprise -- one that is intelligent, adaptive and resilient in the face of real-world threats. Attackers increasingly exploit valid credentials through third-party software-as-a-service, according to Bernard. "We run our business on Salesforce ... we're a Salesforce shop," he said. "In an interesting way, the adversary brought us together if you look at the proliferation of agentic identities. We have an SSPM solution. It's our Adaptive Shield acquisition; it's now Falcon Shield ... on AppExchange. It's super relevant, where together we're going to go to customers and help them secure their third-party software risk." As digital transformation gains momentum, Salesforce has become a central hub for enterprise operations, relationships and sensitive data, according to Hay. That prominence makes it a high-value target for cyberattacks. To counter emerging threats, CrowdStrike's Falcon Shield integrates directly into Salesforce, using AI-powered analytics and behavioral monitoring to stop breaches in real time. "There's really three places where we're doing this integration," Hay said. "The first is through the Salesforce Security Center. We're bringing Falcon Shield and Security Center together. The second is through bringing Charlotte AI into Agentforce for Security. Agentforce for Security is Salesforce's internal security agents for our customers, and they'll now be able to get threat detection. All of that will be available through Slack as a mechanism, because that's where our customers already are. They're already operating in Slack every day." Here's the complete video interview, part of SiliconANGLE's and theCUBE's coverage of Fal.Con:

At CrowdStrike Fal.con, CEO George Kurtz says AI can help it become the top cybersecurity platform - SiliconANGLE

At CrowdStrike Fal.con, CEO George Kurtz says AI can help it become the top cybersecurity platform Cybersecurity is already the No. 1 challenge facing most enterprises, and now artificial intelligence is providing both potent new tools to battle attackers and making it easier for those attackers as well. CrowdStrike Holdings Inc. is aiming to leverage AI to give enterprises and their security operations centers more and better services so they can stay ahead of those increasingly capable attackers. "When we think about how AI is transforming the world, it's also transforming what the adversaries are doing, and the speed at which they're moving has changed dramatically," CrowdStrike Chief Executive Officer George Kurtz (pictured) told theCUBE, SiliconANGLE Media's livestreaming studio, in an interview at CrowdStrike Fal.con, the company's annual conference in Las Vegas. "It used to be weeks, then days, then hours and minutes. Now it's seconds. The traditional SOC can't keep up." Not surprisingly, Kurtz views AI -- in particular agents, the autonomous systems seen as the next frontier of AI -- as the answer. CrowdStrike introduced two new agentic systems aimed at bolstering cybersecurity, which itself is threatened by generative AI making attackers more capable than ever. They're the Agentic Security Platform, an AI-ready data layer powering what Kurtz calls the "agentic SOC," and the Agentic Security Workforce, a series of ready-made agents for cybersecurity tasks along with a platform for customers to create their own custom agents. "One day we're going to have an autonomous SOC analyst that is literally going to do the work of the analyst and then be controlled by the human," Kurtz said. "It's going to allow people to do more and faster." Kurtz spoke with theCUBE's Dave Vellante and Rebecca Knight today in an interview at CrowdStrike Fal.con, where theCUBE is onsite for two days of interviews and analysis. They discussed CrowdStrike's new products, its essential advantage as the Reddit of data security, and the thinking behind today's $260 million acquisition of Pangea Cyber Corp. (* Disclosure below.) Kurtz noted that data is the overriding key to making AI large language models work, and nowhere more than in cybersecurity. Over its 14-year history, CrowdStrike has collected huge amounts of data and, even more important, annotated that data from telemetry on trillions of security events per day in a way that happens to make it useful to train LLMs. "CrowdStrike really has the Reddit of data security," he said in a reference to the social network known as the "front page of the internet." "We've got a treasure trove of security data that goes into our AI agents." More than that, he added, that enables customers to build more capable agents of their own with CrowdStrike's Charlotte AI AgentWorks. That's a no-code platform for building, testing, deploying and orchestrating security agents at large scale. Kurtz said CrowdStrike's ultimate goal is to build "Security AGI," a reference to the goal of some AI companies such as OpenAI to create "artificial general intelligence" as capable in many tasks as humans. He says that's a ways off, but he cited self-driving cars such as Waymo's that are climbing the levels of autonomy. "We get to something that's beyond what a human can do and is self-operating, continuously learns and is fully autonomous," he said. "We're going to do it first." But Kurtz acknowledged that AI agents will require people and new tools to manage them, especially as they proliferate potentially into the millions. That's one reason CrowdStrike today acquired Pangea for a reported $260 million. It provides protections against so-called prompt injection attacks, in which hackers aim to trick LLMs into skirting safety rules and exposing data. "There's so many different attacks at the prompt layer," Kurtz said. "The cool thing about Pangea is they actually built technology for the developers, as well as for the people who are consuming the AI technology. That's going to be a a big part of our strategy when you put it on the Falcon platform." A few cybersecurity companies such as CrowdStrike, Palo Alto Networks Inc. and Check Point Software Inc. are aiming to become the one platform their customers need -- despite the reality that customers still seem to want best-of-breed new tools. Kurtz said his mergers-and-acquisitions strategy differs from some others that have made huge acquisitions of established companies in that he wants to avoid the difficulty of incorporating old technologies. "What's best for our customers is a single platform," he said, and they're not served by being provided with older services that aren't integrated with that platform. He called that "digital taxidermy," explaining that "it looks alive, but its Frankenstein underneath. Our brand promise is that ... when we buy something ... we're going to integrate it all. We've been a platform for a long time." Stay tuned for the video of the interview to be posted here soon.

CrowdStrike bets on agentic AI with new Falcon data layer, automated security automation center agents - SiliconANGLE

CrowdStrike bets on agentic AI with new Falcon data layer, automated security automation center agents CrowdStrike Holdings Inc. today used the opening of its annual Fal.Con 2025 conference in Las Vegas to roll out innovations that address the growing need for enhanced security in the age of artificial intelligence: the Agentic Security Platform and the Agentic Security Workforce. Both new products are part of the company's blueprint for securing enterprises and their security operations centers in what it calls the "agentic era" of artificial intelligence. "The old model can't keep up," CrowdStrike Chief Executive George Kurtz (pictured) told 8,000 attendees of the conference this morning during his keynote. "The legacy SOC can't compete." Instead, he said, what's needed is an "agentic SOC." The Agentic Security Platform is designed to solve a fundamental problem: legacy enterprise architectures that were never built for the realities of AI-driven operations. According to CrowdStrike, the answer is a new AI-ready data layer, built natively for the agentic era and tightly integrated into the Falcon platform. The new offering is powered by what CrowdStrike calls the Agentic SOC, a security operations center where data, intelligence, agents and governance are unified into one environment. The new platform is centered around an "Enterprise Graph," which unifies telemetry from across the enterprise into a living, connected model with one query language built for AI. The graph employs a single, AI-optimized query language that makes every signal instantly actionable, whether by a human analyst or an autonomous agent. Complementing the graph is Charlotte AI AgentWorks, which CrowdStrike calls the industry's first no-code platform for building, testing, deploying and orchestrating trusted security agents at scale. The system is intended to let security teams set the mission, define the data and control agent behavior without writing code, opening up agent-building to a far broader range of users. The Agentic Security Platform includes an operating center that connects all agents through the Model Context Protocol and applies Falcon-grade governance for safe, large-scale collaboration. The center also features a dynamic, persona-aware design that uses natural language queries and role-specific workspaces to simplify analyst experience. The second release today, the Agentic Security Workforce, takes these ideas further by putting AI-powered agents directly into the hands of customers. Agentic Security Workforce seeks to address the issue whereby security analysts are drowning in repetitive, time-consuming tasks, while traditional defense cannot stop AI-speed threats. The company's answer is a fleet of security agents, trained on millions of expert SOC decisions with reasoning and guardrails. The new offering goes beyond co-pilots by introducing what CrowdStrike calls Agentic Response Collaboration. The feature allows Charlotte AI agents to securely connect and interoperate with trusted third-party agents and automates critical Falcon-native workflows. The company describes the customer benefits as both practical and strategic: eliminating repetitive tasks, enabling customized workflows, centralizing agentic defense under Falcon's governance framework and pointing toward a future in which analysts and agents operate side by side.

CrowdStrike CEO George Kurtz On 'Incredible' SIEM Advantage Vs. Network-Focused Vendors

Speaking with media at Fal.Con 2025, Kurtz and CrowdStrike President Mike Sentonas also discussed the surging growth of the Falcon Flex subscription model and the vision for an 'agentic SOC.' CrowdStrike's surging momentum in areas such as Next-Gen SIEM and massive traction on platform consolidation show that the vendor's "pace of innovation" is stronger than ever, CrowdStrike co-founder and CEO George Kurtz said Wednesday. Kurtz and CrowdStrike President Mike Sentonas spoke with media outlets including CRN during the company's Fal.Con 2025 conference in Las Vegas, as the vendor wrapped up a week of keynotes and announcements including a major expansion of the company's AI-related security offerings. "We're back to cranking out what we want to crank out, and it feels really good," Kurtz said in response to a question from CRN. "So overall, that's my takeaway -- [we are] back to business." [Related: George Kurtz's 5 Boldest AI Statements At CrowdStrike Fal.Con 2025] A key focal point for CrowdStrike over the past year on the product side has been its Falcon Next-Gen SIEM offering, which aims to provide an AI-powered upgrade from traditional SIEM (security information and event management) tools. In response to a CRN question, Kurtz said there's no question that CrowdStrike has a number of advantages in the highly competitive SIEM market, starting with the fact that the company is among the largest EDR (endpoint detection and response) vendors. This is a major plus compared with network-focused security vendors that offer SIEM but do not have a widely used EDR product, he said. "If you look at the fidelity of the data that we get out of our sensor, it's incredible. That is much different than a network provider trying to take data [into a SIEM]," Kurtz said. "We can tell you the user, the identity, the data, the network connection. We have all this. If you're looking at it from a network perspective, you get just a cursory view of what's happening. So that's why it's so difficult." In addition to the benefits for security outcomes, CrowdStrike's position in the SIEM market is bolstered by not needing to move or store endpoint data -- which constitutes a sizable portion of the data utilized by a SIEM system -- across separate data lakes. Previously, to work with a SIEM vendor, CrowdStrike customers would need to move a majority of the data that went into a SIEM from out of the Falcon platform -- leading to significant added costs, Kurtz said. "They were taking it out of CrowdStrike, they were paying the tax, and they were putting it into a different SIEM," he said. "Why push all of it out?" Notably, CrowdStrike's latest quarter ended July 31 included "stellar" growth for its Next-Gen SIEM platform of 95 percent from the same period a year earlier, Kurtz said during the vendor's quarterly call with analysts in August, as annual recurring revenue (ARR) surpassed $430 million for the offering. Executives at top solution provider partners of CrowdStrike told CRN this week that Next-Gen SIEM is quickly becoming a major source of growth, helping to enable the Security Operations Center (SOC) transformation that many customers are seeking. And without a doubt, when you look at the volume of security-relevant data that derives from the endpoint, "having SIEM vendors own the endpoint is so important," said Chris Ebley, CTO at Blackwood, No. 93 on CRN's Solution Provider 500 for 2025. "As an independent third-party [SIEM vendor], trying to solve for all the different telemetry flows that can come off the endpoint" is highly challenging, Ebley said. "If you go into an organization and try to provide the same results for someone that's using [a third-party EDR], you can't actually make that promise. There will be a delta. There will be a reduction in outcome." Agentic SOC Vision During Fal.Con 2025 this week, CrowdStrike executives laid out a vision for the SOC of the future that includes both Next-GEN SIEM as well as the use of agentic technologies across the Falcon platform. This "agentic SOC" vision aims to transform the role of security analysts by turning them into orchestrators of teams of agents that can handle many routine security tasks automatically, executives said. Core to the vision is CrowdStrike's newly announced Falcon Agentic Security Platform, which offers an "AI-ready" data layer that enables the expansion of agentic functionality across its broad security platform, the company said. That ultimately provides faster and more effective responses to threats, according to CrowdStrike. The cybersecurity giant also debuted seven new agents for SOC analysts as well as a no-code platform for creating custom agentic tools, Charlotte AI AgentWorks. And to bolster protection for AI technology itself, CrowdStrike unveiled a deal to acquire GenAI guardrails startup Pangea. Speaking with media Wednesday, Sentonas said he heard from numerous customers and partners this week that are now "talking about how we have to rebuild our SOC and retool our SOC" in part thanks to new agent-powered offerings. "Everyone knows it's a big goal, and it'll take time to get there. [But] everyone's pumped," he said. Solution provider partners applauded the moves by CrowdStrike around expanding agentic capabilities for the SOC, telling CRN that both the vision and the specific offerings unveiled by CrowdStrike so far are highly compelling. For instance, at solution and service provider powerhouse Wipro, CrowdStrike capabilities around automating the triage of security alerts and performing threat hunting using agents could provide a huge leg up, according to Tony Buffomante, senior vice president and global head of cybersecurity and risk services at Wipro, No. 17 on CRN's Solution Provider 500. "I think the agentic piece for Next-Gen SIEM, for the triage activities, is exciting for us," Buffomante said. "The triage piece, the threat hunting piece, as well as ultimately how that's going to automatically create new playbooks -- that's exciting for us for the next phase of this journey." The CrowdStrike expansion is also poised to complement ongoing agentic efforts at systems integrator giant Accenture in meaningful ways, such as through the Charlotte AI AgentWorks platform, said Rex Thexton, senior managing director and security chief transformation officer at Accenture, No. 1 on CRN's Solution Provider 500. "What was super exciting to me, as an SI, is building your own agent," Thexton said. "With the framework that they have, I think that's going to be super useful for SIs and clients." Falcon Flex Takes Off Helping to drive growth across the Falcon platform, meanwhile, is CrowdStrike's Falcon Flex subscription model and the way it enables customers to more easily go "all in" on CrowdStrike, Kurtz said. Falcon Flex makes it possible for customers to decide over time which technologies to deploy on the Falcon platform after committing to a contract, rather than having to decide up front or go through multiple procurement processes, according to the company. That provides a strong incentive to customers to deploy more of the 30 modules on CrowdStrike's Falcon platform, the company has said. While some competitors have begun offering procurement models that are similar -- in some cases even branded as "Flex" -- CrowdStrike's wide array of security tools and potential for enabling consolidation is a key part of what makes Falcon Flex so attractive to partners and customers, Kurtz said. "It's the power of the platform," he said. And in terms of competing approaches, "some of them don't even have the key elements that we have," Kurtz said. Solution provider partners that have already seen massive traction with Falcon Flex include GuidePoint Security, which has even had some customers go through multiple Flex cycles, according to GuidePoint's Mark Thornberry. When it comes to Falcon Flex, "it's just another example of [CrowdStrike] being forward-thinking" around enabling adoption and operationalization of its platform, said Thornberry, senior vice president for partnerships at GuidePoint, No. 37 on CRN's Solution Provider 500. Crucially, a model like Flex "only works" if a vendor has numerous products and is "truly platform-centric," Thornberry said. And there's no question at this point that when it comes to CrowdStrike, "they just have so many different things that the customers want."

Why CrowdStrike Doesn't See AI Replacing Security Analysts: President Mike Sentonas

Instead, the role for SOC (Security Operations Center) analysts going forward will increasingly be focused around orchestrating a 'team of intelligent agents' to boost cyber defense, Sentonas says. For Security Operations Center (SOC) analysts on the front lines of cyber defense, the availability of powerful AI agents for automating routine security tasks means their roles are now becoming more essential, not less, CrowdStrike President Mike Sentonas said Wednesday. Sentonas made the comments during a week that saw CrowdStrike unveil a major expansion to its portfolio of AI-related capabilities, while laying out its "agentic SOC" vision in front of 8,000 attendees at its Fal.Con 2025 conference in Las Vegas. [Related: George Kurtz's 5 Boldest AI Statements At CrowdStrike Fal.Con 2025] On the whole, agentic is "the foundation of the modern SOC," Sentonas said during his keynote at Fal.Con Wednesday. "It's elevating the role of the analyst. It's not eliminating the analyst." Ultimately, "we need to go from analyst to orchestrator. We need to have the modern SOC with the analyst in the center, to start to work with a team of intelligent agents," he said. Notably, embracing this shift to the "agentic SOC" is made even more crucial by the fact that threat actors are clearly using the same AI-powered technology to dramatically increase the speed and effectiveness of their attacks, Sentonas said. With the newly announced Falcon Agentic Security Platform, CrowdStrike said it now offers an "AI-ready" data layer that enables the expansion of agentic functionality across its broad security platform, ultimately providing faster and more-effective responses to threats. The cybersecurity giant also debuted seven new agents for SOC analysts as well as a no-code platform for creating custom agentic tools, Charlotte AI AgentWorks. While many security analysts have questioned whether their roles might be on their way to redundancy in the wake of GenAI's arrival, those anxieties have begun to dissipate as the full potential for agentic SOC capabilities has become clearer, solution provider executives told CRN at Fal.Con this week. For instance, solution and service provider powerhouse Wipro, whose SOCs employ 2,000 people, has seen a palpable shift in this regard, according to Tony Buffomante, senior vice president and global head of cybersecurity and risk services at Wipro, No. 17 on CRN's Solution Provider 500 for 2025. "My personal experience has been that the fear of our analysts who I spoke to a year ago -- around, 'This is going to take my job' -- has subsided," Buffomante said. In its place, there's now a lot of "excitement" among analysts, he said. The overriding sentiment now is, "'This is really cool. Now I'm going to be able to do some higher-level things,'" Buffomante said. Specifically, Wipro has intentionally worked to help overcome those fears around analysts with a strong commitment to "upskill and uplevel everybody" around new AI and agentic technologies, he said. For many security analysts, the potential for AI agents to significantly improve satisfaction with their jobs -- and even their quality of life and mental health -- has been a massive factor as well, according to Chris Ebley, CTO at Blackwood, No. 93 on CRN's Solution Provider 500. Agentic offerings from CrowdStrike, for instance, show a major promise of being able to automatically handle the steps needed to determine that an alert is a false positive -- the types of tasks that SOC analysts are inundated with on a daily basis, Ebley said. This is a huge issue because for SOC analysts, there's little satisfaction in taking on tasks where it's highly probable that "you're reacting to something individually that's not a threat," he said. "It's hard to find the mission in that." The potential with agentic, on the other hand, is to eradicate the need for analysts to deal with monotonous issues such as false positives, according to Ebley. In such a scenario, AI agents could perform the investigation into an alert, identify the issue as being benign, fully document what happened and close the ticket, he said. "And a human never touches that process," Ebley said. "That's really attractive." All in all, CrowdStrike's latest debut of SOC capabilities -- which leverage agents but are fundamentally orchestrated by humans -- should prove much more compelling for security analysts and MSSPs than competing visions of an "autonomous SOC," said Chris Schueler, CEO of Cyderes, No. 98 on CRN's Solution Provider 500. The "autonomous SOC" concept is unfortunate, Schueler told CRN, and has helped to drive some of the fears among security analysts that they could be on track to be replaced. "If done correctly, there should be excitement, not fear" about AI in the SOC, he said. The bottom line for MSSPs such as Cyderes is that "we're aligned with CrowdStrike in [advocating a] human-led, AI-powered SOC," he said. "By casting the right vision for the SOC analyst, I think they'll 100-percent start to see, 'I can actually start to be a part of this mission of stopping threats, and not just be a cog in the wheel.'"

George Kurtz's 5 Boldest AI Statements At CrowdStrike Fal.Con 2025

The CrowdStrike co-founder and CEO used his Fal.Con keynote to discuss his vision for the 'agentic SOC,' AI detection and response and working toward the realization of security AGI. CrowdStrike is making its next big moves in AI with a focus on enabling a Security Operations Center (SOC) that is fundamentally powered by agents -- the "agentic SOC," CrowdStrike co-founder and CEO George Kurtz said Tuesday. At the same time, the cybersecurity giant is also "pioneering" a new category in AI security, "AI detection and response," in part through the just-announced deal to acquire AI guardrails startup Pangea, Kurtz said during his keynote at CrowdStrike's Fal.Con 2025 conference in Las Vegas. The offering builds on CrowdStrike's track record in its core segment of endpoint detection and response (EDR), as well as in areas including managed detection and response (MDR) and cloud detection and response (CDR), he said. [Related: 5 Big Takeaways From CrowdStrike's 2025 Partner Summit] And CrowdStrike is looking even further out by taking the initial steps toward developing security-focused artificial general intelligence, or security AGI, according to Kurtz. "The destination for me really is security AGI," Kurtz said during his Fal.Con keynote. With predictions that AGI as a concept is likely to still be years in the future, "this is not something that is going to be hit anytime soon, but it's what we're thinking about as the industry is moving forward," he said. "We think this is a big, bold vision, and we've got the company galvanized around that." Kurtz made the remarks as CrowdStrike also announced an array of new cybersecurity offerings related to AI and agents, including the Falcon Agentic Security Platform. The platform offers an "AI-ready" data layer that enables the expansion of agentic functionality on CrowdStrike's platform, ultimately providing faster and more effective responses to threats, according to the company. CrowdStrike also introduced a new set of AI agents through the launch Tuesday of its Agentic Security Workforce offering. The new agents are aimed at going beyond chatbot-based copilots by handling key security workflows across a number of Falcon modules, CrowdStrike said. Additionally, CrowdStrike also debuted Charlotte AI AgentWorks, which is a no-code platform for building, testing, deploying and orchestrating security agents. Ultimately, the agentic SOC is not about "building a better dashboard," Kurtz said. "The agentic SOC [is powered] by intelligent agents that don't just assist -- they reason, decide, and they act," he said. "The humans get elevated into a role where they're now controlling a fleet of agents, and letting the agents do the work on their behalf." What follows are Kurtz's five boldest AI statements at CrowdStrike Fal.Con 2025. 'Obsolete' Technology Vs. AI "The challenge that we have [in cyber defense] is, the old model can't keep up. We've got too many folks fighting the battle with obsolete technology, and you just can't keep up with the speed of what we're seeing in terms of the threats and how sophisticated these attackers have gotten. And when we think about GenAI, we've actually not only empowered the attackers to be more sophisticated, but we actually multiplied more of them. There are more people who can do this with a high level of sophistication than there were just two years ago because of these technologies. ... The SOC is trying to fight a 21st Century war with 20th century weapons. That has to change." 'Agentic SOC' Vision "So what is the new model? The new model is something where we have to reimagine what the SOC is going to be [and] we need to rebuild it to operate at the speed of AI. So let's talk a little bit about the agentic SOC. What I mean by the agentic SOC is not building a better dashboard. The agentic SOC [is powered] by intelligent agents that don't just assist -- they reason, decide, and they act. They operate across domains, identities, endpoints, cloud, SaaS. There's a few pillars that we believe are key to the agentic SOC [including] agentic detection, triage and workflow. ... Where we're going in the industry with this SOC transformation is [that] the humans get elevated into a role where they're now controlling a fleet of agents, and letting the agents do the work on their behalf." 'AI Detection And Response' "AI agents, to me, actually look a lot like a human. They have an identity, they have a workflow, they have access to resources, they have access to data. ... I'm excited to announce today that we acquired Pangea [which is] a leader in the space of protecting AI agents from the browser, application, gateway, cloud, in the development pipeline, as well as in production. ... We're pioneering AI detection and response ... For a computer, workload, endpoint, it doesn't matter -- you have to have visibility. You have to understand what it did. It's the same for an AI agent, because an AI agent is not only going to talk to data -- it's going to talk to another AI agent, that's going to talk to another AI agent, that's going to talk to an MCP server. And you're going to have to put guardrails. You're going to [need to] have visibility across the entire line. When someone says, 'Hey, what happened? What did this AI agent do?' [Having] an AI agent is like giving an intern full access to your network. That's scary. So you've got to put some guardrails around [the agent]." Build-Your-Own Security Agents "For us, it's about creating agents that do work on our customers' behalf. We created seven. But there's always going to be a need for [more] that we haven't thought about. We are announcing Charlotte AI AgentWorks [because] we want our customers to be able to build their own agents. So think about what you can imagine, what you could do, and how you want to streamline both security and IT elements in these agents. ... This fundamentally has the ability to change how we think about working in the SOC and moving us into that agentic workflow." Security AGI Is Coming "The destination for me really is security AGI. ... If we think about AGI itself, [Nvidia CEO] Jensen Huang talks about AGI -- [the concept of] AGI -- maybe five years out. Is it three? Is it five? Is it 10? Who knows. All I know is, things are moving pretty quickly. But part of what our teams are focused on, and building as we get up the stack of autonomy, is to get to a point where we could deliver security AGI. ... So you've got to move into something that can recursively get smarter and smarter until you hit that security AGI. So this is not something that is going to be hit anytime soon, but it's what we're thinking about as the industry is moving forward. ... As I said, it's a destination. There's not a product that we're shipping next week that has this. But as a company that's really on the forefront of doing these things, we think this is a big, bold vision, and we've got the company galvanized around that."

CrowdStrike Unveils New Agentic Security Platform For 'Deeper Layer Of Autonomy': CTO

The cybersecurity giant is also introducing new AI agents with the launch of its Agentic Security Workforce offering. CrowdStrike debuted a new agentic security platform to drive a higher degree of autonomy for cybersecurity teams along with new AI agents across its Falcon platform, in a pair of announcements Tuesday signaling where the security giant is heading next on AI. The newly announced Falcon Agentic Security Platform offers an "AI-ready" data layer that enables the expansion of agentic functionality on CrowdStrike's platform, ultimately providing faster and more effective responses to threats, according to the company. [Related: CrowdStrike CEO George Kurtz: 'Huge Service Opportunity' Ahead For Partners] In a briefing with media outlets including CRN, CrowdStrike CTO Elia Zaitsev said the company's Agentic Security Platform is the next major step in making the Security Operations Center (SOC) more autonomous. "Now we're heading into an even deeper layer of autonomy where we are really after what we call the agentic SOC," Zaitsev (pictured) said during the briefing with media. "We want multiple agents working orchestrated in an ensemble fashion, to progressively automate more and more aspects of what a human analyst does today." Key capabilities include an Enterprise Graph that unifies telemetry data from across an organization, enabling that data to be more easily leveraged by both AI and human analysts through a common query language. The Agentic Security Platform has "huge implications for human analysts [through] simplifying their workflows, their ability to work with all this complex, powerful data," Zaitsev said. Meanwhile, CrowdStrike also introduced a new set of AI agents through the launch Tuesday of its Agentic Security Workforce offering. The offering provides security analysts with "out-of-the-box capabilities to automate more and more of these steps, more and more of these specific tasks," Zaitsev said. The initial agents are aimed at going beyond chatbot-based copilots by handling key security workflows across a number of Falcon modules, CrowdStrike said. The agents can be utilized to provide exposure prioritization (in Falcon Exposure Management), malware analysis (in Falcon Threat Intelligence) and threat hunting (in Falcon Threat Intelligence), the company said. Additional agents are being introduced in Falcon Next-Gen SIEM, including agents for search analysis, correlation rule generation, data transformation and workflow generation, according to CrowdStrike. As part of the announcements Tuesday, CrowdStrike also debuted Charlotte AI AgentWorks, which is a no-code platform for building, testing, deploying and orchestrating security agents. Charlotte AI AgentWorks thus allows partners and customers to build and deploy "their own agentic systems with their own custom datasets and enterprise or organizational specific knowledge baked into it," Zaitsev said. The announcements came in connection with CrowdStrike's Fal.Con 2025 conference, which is being held this week in Las Vegas. Speaking to top partners at the conference Monday, CrowdStrike Co-founder and CEO George Kurtz said that the company's offerings around agentic and products such as Next-Gen SIEM are accelerating opportunities for partners to deliver services. The adoption of agentic, meanwhile, also creates opportunities for delivery of security in areas such as identity, Kurtz said. Most of the identities associated with agentic are non-human and often will need to have access to data, compute and workflows, he said. As for Next-Gen SIEM, "it does represent a huge opportunity from a market perspective for our partners, and a huge service opportunity," Kurtz said Monday during CrowdStrike's 2025 Partner Summit.