CrowdStrike’s Falcon is receiving a number of updates. The security platform includes several AI applications and functionalities. In addition, CrowdStrike also acquired the AI ​​startup Bionic.

The American security company CrowdStrike has strengthened itself with Bionic, a startup that primarily revolves around an ASPM (Application Security Posture Management) platform. In addition, CrowdStrike is also expanding its existing Falcon platform with various, partially AI-driven functions.

Expansion of the falcon’s nest

The Falcon platform already consisted of more than twenty modules divided into six subject areas (e.g. endpoint security and observability). Now there are a few more to come. Essentially there are four key additions.

The biggest update is Birds of prey. With this, CrowdStrike adds a hefty dose of generative AI and XDR (advanced detection and response) to Falcon. The dangerous-sounding upgrade brings several applications to the current system:

• Charlotte AI Investigator: a brand new, exclusive tool that largely automates incident investigation, linking context and information itself and generating a summary via an LLM that is easy for security teams to process
• XDR for everyone: All CrowdStrike customers now have clear endpoint, identity, cloud and data security telemetry to accelerate incident investigation
• XDR Incident Workbench: a second tool to speed up investigations (but also response times) to incidents
• Collaborative Incident Command Center: an anytime, real-time incident handling tool from a single source where analysts can be anywhere
• Lightning-fast search: a search feature that helps you search large amounts of data with sub-second latency to quickly find and eliminate potential threats and risks

Then there is foundingThis allows you to build applications without coding. These can then serve as an extension of the Falcon platform. founding uses CrowdStrike’s data and infrastructure and is intended to make automation faster and more accurate.

There is also a new form of it data protection. This feature now also focuses on preventing the loss of legacy data. With just one agent for data and endpoint security. Detection and response should now also be accelerated using EDR and This has also happened before with OT.

The system also sets dynamic data policies to automatically track content across files and SaaS applications. This is to protect the data when copying or sharing.

Finally there is Falcon for IT. CrowdStrike expands its security and IT workflow automation platform. There are several applications:

• Use natural language generative AI prompts to give Charlotte AI tasks and ask questions
• Request data on incidents, status and performance through one interface and intuitive dashboards
• Monitor CrowdStrike-managed endpoints
• Automate endpoint remediation to resolve issues quickly

Bionic supplement

With the acquisition of Bionic.AI, CrowdStrike looks to add ASPM to its own Cloud native application protection platform (CNAPP). This is intended to improve risk visibility and overall cloud security via a unified platform.

Bionic.AI brings three important things to CrowdStrike:

• Real-time visibility of all monitored applications, from databases to third-party APIs
• Assessing vulnerability priorities
• Complete overview of serverless infrastructures

CrowdStrike aims to offer ASPM both separately and fully integrated into Falcon Cloud Security.