Charlotte AI is powered by a fully managed multi-agent architecture that orchestrates specialized agents across a broad range of tasks. These agents differ in the classes of models they employ, the knowledge bases they can access, and the tasks they’re authorized to perform. Falcon ASPM provides code-level visibility into this complex system, mapping every upstream and downstream dependency, data flow, and third-party integration. It delivers key capabilities for securing this kind of environment, explained below.
Falcon ASPM provides deep code-level inspection, paired with contextually relevant risk assessment and mitigation guidance, to help developer, operations, and security teams sustain high levels of performance and innovation.
Falcon ASPM is built to capture and assess the big picture and every interaction within complex, dynamic, and large-scale microservices applications. It continuously maps application architectures and tracks internal and external service interactions. In addition, it monitors runtime behaviors, software dependencies, and access patterns to detect unexpected changes or risky configurations. This context allows teams to pinpoint issues like memory poisoning, hallucination propagation, and privilege misuse before they become exploitable.
The CrowdStrike product security team employs a dogfooding approach that, among other methods, involves using Falcon ASPM to secure our internal infrastructure, including for Charlotte AI. This approach provides us with unique insights into securing complex AI applications while continuously improving our security tools.
The Power of Falcon ASPM In Securing GenAI Applications
Innovation must evolve on the same curve as security, which is why Charlotte AI is built on CrowdStrike’s secure infrastructure with a multi-agent architecture. It’s purpose-built from the ground up to prevent unauthorized exposure, safeguard privacy, and deliver accurate, traceable results.
Since its founding, CrowdStrike has used emerging technologies, from machine learning to AI-powered behavioral analysis to generative and agentic AI, to stop breaches at the speed of the adversary. Our use of AI innovations extends across every layer of the CrowdStrike Falcon® cybersecurity platform — including CrowdStrike Charlotte AI™, our turnkey agentic analyst, which brings AI capabilities directly into the SOC to streamline investigation and response.
The widespread availability of large language models (LLMs) has driven the rapid development of generative and agentic AI applications for business use cases. These systems can reason, plan, and act autonomously, creating security risks that traditional security tools weren’t built to handle. Their popularity has widened the attack surface, both for organizations using external LLMs and those building their own GenAI applications.
- Are microservices using vulnerable packages?
- Do internal and public-facing APIs implement strong access controls?
- Is data source access restricted to specific microservices and segmented by tenant and user?
- Are all invocations and application operations logged and audited to continuously verify consistency and trustworthy response?
Some of the questions Falcon ASPM can address include:
Beyond continuous testing and monitoring and other security measures, one of the ways our product team secures Charlotte AI is with Falcon Application Security Posture Management (ASPM), a component of CrowdStrike Falcon® Cloud Security. For organizations building and delivering generative and agentic AI applications, Falcon ASPM can provide deep insights into complex attack surfaces to help teams better secure their applications and keep customers safe.
How Falcon ASPM Helps Secure Charlotte AI
Agentic AI introduces unique security challenges that extend beyond traditional application security concerns. Organizations building GenAI applications must have deep visibility into their architecture, understand their interactions with other applications, and know when unexpected or risky activity occurs.