George Kurtz’s 5 Boldest Statements At CrowdStrike Fal.Con 2023
The CrowdStrike co-founder and CEO used his Fal.Con keynote to tout the company’s newest updates in areas including generative AI technology and application security.
Kurtz’s Boldest Statements
There’s no doubt about it: Advancements in artificial intelligence, and particularly generative AI, are only going to bring massive changes to the cyberthreat landscape, CrowdStrike Co-Founder and CEO George Kurtz said Tuesday. But CrowdStrike is determined to continue innovating on its unified security platform, Falcon, to enable security teams to defend against even the newest breeds of AI-powered cyberattacks, Kurtz told attendees at Fal.Con 2023 in Las Vegas. “The reason that we built the Falcon platform is just for this moment,” he said during a keynote at the CrowdStrike conference.
[Related: CrowdStrike Widens Its Strike Zone With ‘Something Better’ For SMB Security]
Kurtz said CrowdStrike was created because “I wanted to create a true platform that was able to deliver the right outcome — which is stopping breaches.”
During his hour-long keynote session Tuesday, Kurtz laid out a number of newly announced CrowdStrike products and capabilities that are aimed at making Falcon even more effective for partners and customers. The comments came a day after Kurtz addressed partners directly at CrowdStrike’s 2023 Partner Summit — where he said that for the cybersecurity giant, “everything starts with a partner.”
Newly announced security capabilities that Kurtz discussed Tuesday include in GenAI-powered functionality for security analysts — through the company’s Charlotte AI technology — as well as CrowdStrike’s new Raptor data lake that can natively ingest data feeds from third-party tools. With the newly announced Falcon for IT offering, CrowdStrike is looking to make its technology more useful beyond cybersecurity, Kurtz said. And in terms of cloud and application security, Kurtz made his first public comments on CrowdStrike’s planned acquisition of Bionic, a startup offering technology for application security posture management, which was announced Tuesday.
What follows are Kurtz’s five boldest statements at CrowdStrike Fal.Con 2023.
‘Weaponizing Patch Tuesday’
One of the biggest concerns for me, when I think about adversarial AI, is the weaponization of vulnerabilities. I’ve spent a lot of time in my career in the vulnerability management space. I’ve spent a lot of time pen testing … And the ability to actually understand a vulnerability and weaponize it is a very, very unique skill set. It’s a very small number of people that can actually [do it]. If we think about what’s coming soon, it’s really weaponizing [Microsoft’s] ‘Patch Tuesday.’ …
Think about this: A patch comes out. Immediately, through generative AI, the patch is downloaded. It’s disassembled — which, by the way, it takes a lot of skill to disassemble the patch. The actual vulnerability is pinpointed. From that vulnerability, an exploit is created. And then the exploit is weaponized, put in a toolkit and then made available for sale, or actually delivered through an effective phishing campaign. That’s not going to take a lot of effort. That’s not going to take a lot of know-how, and that’s not going to take a lot of time. That’s what’s on the horizon. So when we think about this in the hands of a nation state [threat actor], or even in the hands of cybercriminals and adversaries, it becomes pretty scary.
Raptor Is A ‘Game-Changer’
With our Raptor release, we now have the ability to ingest third-party data natively. So we’ve taken the LogScale technology, and now we’ve built that into the platform and have the ability — which we’ve gotten many many requests [for] over the years — [to] take third-party data and put it natively into CrowdStrike. … But this is, I think, a game changer.
Charlotte AI Will Massively Boost Productivity
Charlotte AI — this is what I’m really, really excited about. This is really a core part of our platform. We’ve been working on this for a while. And it really is the engine that is powering the entire portfolio of modules across the platform, using our high-fidelity data advantage. …
What is it going to do for you? It’s going to accelerate your response. It’s going to be a productivity multiplier. We think about making security analysts two or three times more productive. And it’s going to upskill analysts on the job. How do you take a Tier 1 analyst and make that person a Tier 3 analyst? Last I checked, security folks are hard to find, they’re expensive and they’re hard to keep. So how do you make them more productive? And how do you get to teach them new skills on the job? These are the things that Charlotte is focused on.
Falcon For IT Offers Huge Opportunity Beyond Security
If IT already has a security agent, why not allow that architecture — that single-agent architecture, the ability to collect data at scale, the ability to take action — why not make that power available to the IT group? So the goal here is, IT can manage policy, deploy software and make real-time orchestrated changes across their fleet of systems. And of course, real-time queries via natural language workflow, which Charlotte provides. It’s a real game-changer. So with Charlotte you can just ask and [get answers on] any IT issue that needs attention. So if you want to put this in perspective, think Tanium on steroids. That’s what we’re delivering in a single agent — not only security prevention, but the ability for IT groups to ask and answer questions across their fleet.
Bionic Will ‘Complete’ CrowdStrike’s Cloud Security Platform
The beauty and the magic of [Bionic’s] technology is that you don’t need source code or you don’t have to plug in the libraries. It’s magic on how it works. But it gives you a comprehensive view of the risk associated with everything that’s running in your cloud environment — the applications, the microservices and everything that’s connected to it, which really represents risk. So if you look at our cloud portfolio — and today, it’s almost a $300 million business for us — this is one of the most complete cloud security offerings on the planet. We’ve got CSPM [cloud security posture management] and CIEM [cloud infrastructure entitlement management]. We’ve got cloud workload protection ...
And now with application security posture management [from Bionic], we’re bringing all those together — to give you not only a complete view of your risk [around] what’s running in the cloud, but also obviously the protection piece, which comes from cloud workload protection.