{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/security-operations/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["ai","automation","security operations","soar"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCrowdStrike is introducing Charlotte AI AgentWorks and Agentic SOAR as a new approach to security operations, designed to leverage AI to automate tasks, orchestrate workflows, and amplify analyst capabilities. Announced in March 2026, Charlotte AI AgentWorks serves as a central hub for building and scaling security agents across the enterprise, integrating with models from Anthropic, NVIDIA, and OpenAI, and promoting collaboration among security innovators. Charlotte Agentic SOAR is designed to enable the coordinated operation of these agents within complex security workflows, providing mission-ready agents for common tasks like triage and malware analysis. The aim is to reduce manual workloads, enhance decision-making accuracy, and provide a security-first foundation for AI-driven automation. To help customers accelerate AI adoption, CrowdStrike offers free AI credits for experimentation within their environments.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003cp\u003eThis brief describes new product capabilities and not an active attack chain. Therefore, a typical attack chain is not applicable. However, the following steps outline how a security team might leverage the capabilities:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eAI Model Integration:\u003c/strong\u003e The organization integrates various AI models from providers like Anthropic, NVIDIA, and OpenAI into the Charlotte AI AgentWorks platform, choosing the most suitable models for specific security tasks.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAgent Development:\u003c/strong\u003e Security engineers use Charlotte AI AgentWorks to develop custom security agents tailored to their environment, leveraging the platform\u0026rsquo;s tools and frameworks.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWorkflow Design:\u003c/strong\u003e Using Charlotte Agentic SOAR, analysts design automated workflows that incorporate the newly created and out-of-the-box agents to address specific security challenges, such as threat triage or malware analysis.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAgent Deployment:\u003c/strong\u003e The security agents are deployed across the CrowdStrike Falcon platform, inheriting the platform\u0026rsquo;s telemetry, security guardrails, and access controls.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eTask Automation:\u003c/strong\u003e The agents automatically perform tasks such as triaging alerts, analyzing malware samples, prioritizing exposure management, and generating correlation rules.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eHuman Oversight:\u003c/strong\u003e Analysts monitor the agents\u0026rsquo; activities through the unified case management interface, ensuring that actions align with established security policies and compliance requirements.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eWorkflow Optimization:\u003c/strong\u003e The security team identifies operational bottlenecks and streamlines investigations based on the data provided by the case management system, continuously improving the automated workflows.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eAnalyst Amplification:\u003c/strong\u003e Analysts leverage the AI-driven automation to reduce manual tasks, accelerate response times, and focus on strategic oversight and complex investigations.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful implementation of Charlotte AI AgentWorks and Agentic SOAR can lead to a significant reduction in manual investigation workloads, potentially by as much as 70%, and a restoration of over 40 hours of team capacity per week. The platform aims to achieve greater than 98% decision accuracy in automated tasks. By automating repetitive and time-consuming processes, organizations can free up security analysts to focus on more strategic initiatives, improving overall security posture and reducing the risk of successful attacks. The platform\u0026rsquo;s goal is to reshape the analyst experience, eliminate toil, accelerate outcomes, and help teams seize an operating advantage in the AI era.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExplore the capabilities of Charlotte AI AgentWorks and Agentic SOAR within a test environment using the free AI credits offered by CrowdStrike, to evaluate the potential benefits for your organization (Charlotte AI AgentWorks, Agentic SOAR).\u003c/li\u003e\n\u003cli\u003eLeverage the out-of-the-box agents available in Charlotte Agentic SOAR to automate common security tasks such as threat triage and malware analysis, and customize them to your environment (Charlotte Agentic SOAR).\u003c/li\u003e\n\u003cli\u003eEvaluate existing security workflows and identify areas where AI-driven automation can reduce manual effort and improve decision accuracy, designing new workflows using Charlotte Agentic SOAR (Charlotte Agentic SOAR).\u003c/li\u003e\n\u003cli\u003eMonitor the performance of deployed agents and automated workflows through the unified case management interface, identifying and addressing any bottlenecks or areas for optimization (Charlotte Agentic SOAR).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-03-28T09:22:10Z","date_published":"2026-03-28T09:22:10Z","id":"/briefs/2026-03-charlotte-ai-agentworks/","summary":"CrowdStrike introduces Charlotte AI AgentWorks and Agentic SOAR to enhance security operations through AI-driven automation and orchestration, reducing manual workloads and improving decision accuracy.","title":"CrowdStrike Charlotte AI AgentWorks and Agentic SOAR for Automated Security Operations","url":"https://feed.craftedsignal.io/briefs/2026-03-charlotte-ai-agentworks/"}],"language":"en","title":"CraftedSignal Threat Feed — Security Operations","version":"https://jsonfeed.org/version/1.1"}