CRWD reports tomorrow and will no doubt talk more about this, but it seems like a really positive thing.
Things I really like in this release (bolding mine):
The most critical set of data — and one unique to CrowdStrike — is CrowdStrike’s human-validated content. Charlotte AI will uniquely benefit from a continuous, human feedback loop from across CrowdStrike® Falcon OverWatch™ managed threat hunting, CrowdStrike Falcon® Complete managed detection and response, CrowdStrike Services, and CrowdStrike Intelligence. This massive data set of human intelligence used to stop breaches in the real world is wholly unique to CrowdStrike, and as it has with AI from the start, only CrowdStrike brings this powerful combination of security telemetry, threat intelligence and human-validated content together into cybersecurity’s most powerful data fabric.
For AI to avoid becoming our new Frankenstein monster, combinations of human and artificial intelligence are critical. Phrases like “human-validated content” are music to my ears.
With Charlotte AI, everyone from the IT helpdesk to executives like CISOs and CIOs can quickly ask straightforward questions such as “What is our risk level against the latest Microsoft vulnerability?” to directly gain real-time, actionable insights, drive better risk-based decision making and accelerate time to response.
In many of our evaluations of tech companies on this board, I get lost in the weeds of how things operate under the hood. If I were managing a company, I would want my own, less-technical understanding to be able to make queries like this–for several reasons.
First, presumably those in the C-Suite have a differentiating set of gifts. Those generally include (in good management) the ability to see very quickly the potential for external events/trends/innovations to affect my business. It might be potential for a huge risk or for a huge reward; but it’s that vision/imagination that earns the big bucks. If a CEO can ask a plain language question about a cyberthreat, a company can move much more quickly to address it–and speed is mission-critical with cybersecurity. And that ability can move all the way down the chain.
The release put it this way:
Charlotte AI will empower less experienced IT and security professionals to make better decisions faster, closing the skills gap and reducing response time to critical incidents.
Second, it allows management to better assess the work of their engineers. Let’s say, as a manager, I asked my new friend Charlotte about our vulnerability and discovered hackers could drive a truck through our holes. Because I’m a great manager, I put every available engineer, and then some, on closing that hole on day one. It’s been a week and I’ve been getting daily updates from the team, but maybe I don’t have as much in-depth knowledge as my engineers. I know a lot, but there are places where I have to just trust what they tell me. After one week, Charlotte has trillions more bits of data, and I can ask the question again. That will tell me a lot–not just about the state of our system as a whole, but about the effectiveness of my team in addressing the vulnerability.
Third, a sales team can ask a simple question during a conversation with a potential client that could secure a deal. “Charlotte, how many threats [of x kind that my potential customer is interested in] did we intercept today?” Real-time data that can be accessed and understood by those without the in-depth knowledge required of the engineers can give a huge boost to sales teams.
I’m sure there are more. HR can broaden their applicant pool to include people who might know a bit less about the inner-workings of the product but who have significant gifts in knowing what questions are relevant and helpful to ask in an on-going threat environment.
But those like many who post here who understand how the tech sausage is made, get a huge benefit, too:
Charlotte AI will enable the most experienced security experts to automate repetitive tasks like data collection, extraction and basic threat search and detection while making it easier to perform more advanced security actions.
What is not quite clear to me from the release is when Charlotte will be fully rolled out. It says,
Currently available in private customer preview
I don’t know if that means you can preview it and then purchase it now or whether it means you can view some kind of alpha or beta version and maybe put in a pre-order? I can’t tell.
But this strikes me as a very good thing, and I’m looking forward to the call tomorrow afternoon.