CrowdStrike unveils ground-breaking AI-native SOC functions – SecurityBrief Australia

1 minute, 57 seconds Read

CrowdStrike has unveiled new functions for its next-gen Security Information and Event Management (SIEM) technology and Charlotte AI, permitting clients to exploit GenAI’s power to revolutionise their Security Operations Centres (SOC).

Designed to supersede traditional SIEMs, the current AI-native SOC offering can reduce workload times from hours to minutes or mere seconds. This innovation allows for up to 150 times faster search performance and an 80% lower total cost of ownership compared with conventional SIEM and SIEM alternatives.

CrowdStrike declared its Falcon Next-Gen SIEM transformations will liberate users from the constraints of outmoded SIEM tech and fuel the AI-native SOC. To expedite this transformation, all Falcon Insight customers will gain entitlement to 10 gigabytes of extraneous data ingestion per day, experiencing the speed and efficiency of Falcon Next-Gen SIEM.

George Kurtz, CEO and co-founder of CrowdStrike commented: “The speed of today’s cyberattacks requires security teams to rapidly analyze massive amounts of data to detect, investigate and respond to threats faster… Customers are hungry for better technology that delivers instant time-to-value and increased functionality at a lower total cost of ownership.”

Falcon Next-Gen SIEM powers the AI-native SOC, delivering 150 times faster search performance and an 80% lower total cost of ownership compared with legacy SIEMs and other SIEM solutions. Features now include generative AI and workflow automation, and Charlotte AI, CrowdStrike’s Generative AI security analyst, is accessible for all Falcon data in Next Gen SIEM.

Security analysts can now ask any question of Falcon data within the platform, including from product documentation or Knowledge Bases, and receive answers back in seconds. This capability considerably accelerates the speed and effectiveness of investigations by automatically correlating all related contexts into a single incident and producing an LLM-powered incident summary for understanding by security analysts across all skill levels.

Falcon Next-Gen SIEM includes new and updated connectors, bringing together third-party IT and security data into the unified Falcon platform. It also includes broad connectors for AWS, Azure, and GCP. AWS coverage includes all key cloud services such as GuardDuty, Security Hub, and S3 Access Logs. Azure connectors include Microsoft Defender for Cloud and Microsoft Exchange Online.

New features and enhancements focused on analyst collaboration and use include a simplified user experience with customized views, direct access to Advanced Event Search from the Incident Workbench, and severity and naming modification. Also included are automated change notifications when another analyst adds a note.

This post was originally published on 3rd party site mentioned in the title of this site

Similar Posts