{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/security-automation/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["agentic-soc","ai","security-automation"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCrowdStrike has introduced Charlotte AI AgentWorks and Charlotte Agentic SOAR as a foundation for agentic security operations. Charlotte AI AgentWorks is designed to be a central hub for building and scaling security agents, integrating frontier AI models from Anthropic, NVIDIA, and OpenAI. This platform enables partners and service providers like Accenture, Deloitte, Kroll, Telefonica Tech, and Salesforce to develop custom agents tailored for diverse teams and environments. Charlotte Agentic SOAR serves as the orchestration layer, activating and coordinating agents across complex workflows while maintaining human oversight and security guardrails. The goal is to amplify analyst capabilities, automate time-intensive tasks, and improve decision accuracy in the face of AI-powered adversaries.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eInitial Compromise (Simulated):\u003c/strong\u003e An attacker attempts to leverage a vulnerability, triggering a security alert that requires immediate attention.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAgent Activation:\u003c/strong\u003e Charlotte Agentic SOAR automatically activates a malware analysis agent to examine suspicious files.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eData Analysis:\u003c/strong\u003e The malware analysis agent analyzes the file using integrated threat intelligence and AI models.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eThreat Prioritization:\u003c/strong\u003e An exposure prioritization agent is engaged to identify and rank potential risks associated with the alert.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWorkflow Automation:\u003c/strong\u003e Based on the agent\u0026rsquo;s findings, automated workflows are initiated to contain the potential threat and alert relevant personnel.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHuman Oversight:\u003c/strong\u003e Analysts review the agent\u0026rsquo;s findings and the automated actions, providing oversight and making strategic decisions.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eRemediation:\u003c/strong\u003e The security team uses the enriched data to quickly respond and remediate the threat.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAdaptive Security:\u003c/strong\u003e The entire process enhances the overall security posture by automating mundane tasks, allowing the analysts to focus on critical and complex issues, improving overall incident response time and accuracy.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eBy leveraging Charlotte AI AgentWorks and Agentic SOAR, organizations can potentially reduce manual investigation workloads by up to 70%, restore approximately 40 hours of team capacity per week, and achieve decision accuracy exceeding 98%. This enhanced efficiency and precision can significantly improve an organization\u0026rsquo;s ability to detect and respond to threats, minimizing the impact of successful attacks.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigate the capabilities of Charlotte AI AgentWorks and Agentic SOAR to determine potential benefits for your security operations, referencing the CrowdStrike documentation available online (\u003ca href=\"https://www.crowdstrike.com/en-us/blog/how-charlotte-ai-agentworks-fuels-securitys-agentic-ecosystem/\"\u003ehttps://www.crowdstrike.com/en-us/blog/how-charlotte-ai-agentworks-fuels-securitys-agentic-ecosystem/\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eSimulate the attack chain described to understand how different AI agents can aid in analysis and remediation.\u003c/li\u003e\n\u003cli\u003eDeploy a detection rule to identify anomalies in workflow automation engines.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-28T08:31:25Z","date_published":"2026-03-28T08:31:25Z","id":"/briefs/2024-07-charlotte-ai-agentworks/","summary":"CrowdStrike's Charlotte AI AgentWorks and Agentic SOAR aim to revolutionize security operations by enabling the creation and orchestration of AI-powered agents, enhancing analyst capabilities and automating tasks to combat AI-accelerated adversaries.","title":"CrowdStrike Charlotte AI AgentWorks and Agentic SOAR for Agentic Security Operations","url":"https://feed.craftedsignal.io/briefs/2024-07-charlotte-ai-agentworks/"}],"language":"en","title":"CraftedSignal Threat Feed — Security-Automation","version":"https://jsonfeed.org/version/1.1"}