By CrowdStrikeLearning Objectives
- Understand what CrowdStrike Falcon is and how AI-native endpoint security works
- Evaluate Charlotte AI's agentic capabilities and the AgentWorks ecosystem
- Assess CrowdStrike's recovery from the July 2024 global outage
What Is CrowdStrike Falcon?
CrowdStrike Falcon is a cloud-native cybersecurity platform that uses AI to detect, prevent, and respond to cyber threats across endpoints, cloud workloads, identities, and data. With 29,000+ customers (including approximately 60% of Fortune 500) and $4.81 billion in revenue, CrowdStrike holds the number one market position in modern endpoint security at 22.6% market share.
Charlotte AI is CrowdStrike's agentic AI security analyst, integrated directly into the Falcon platform. At RSAC 2026 (March 25, 2026), CrowdStrike launched Charlotte AI AgentWorks — an ecosystem for building, testing, and deploying custom security agents with no code required.
💡Key Concept
AI-Native Endpoint Security: Traditional antivirus relies on signature databases — known patterns of malware. AI-native security like Falcon uses machine learning to detect behaviors that indicate threats, even for never-before-seen attacks. CrowdStrike's models analyze billions of events daily across its 29,000+ customer base, creating a network effect where every customer's threat data improves protection for all others.
Charlotte AI Capabilities (RSAC 2026)
- AgentWorks — build, test, and deploy custom security agents in Falcon (no code). Launch partners include Anthropic, NVIDIA, OpenAI, AWS, Accenture, Deloitte
- 7 mission-ready AI agents — Exposure Prioritization, Malware Analysis, Hunt, Correlation Rule Generation, and more
- Agentic SOAR — combines security automation with agentic reasoning for real-time decision-making
- AI Runtime Protection — runtime visibility of AI behavior at the endpoint (commands, scripts, file activity, network connections)
- Shadow AI Discovery — automatically discovers AI applications, agents, LLM runtimes, and MCP servers running across endpoints
The July 2024 Outage
On July 19, 2024, a faulty configuration update caused Windows blue screens across 8.5 million devices worldwide — grounding 10,000+ flights and causing an estimated $5.4 billion in Fortune 500 losses. Recovery required manual intervention (safe mode boot, config file deletion). By July 29, approximately 99% of affected sensors were restored.
CrowdStrike subsequently overhauled its update testing and rollout processes. Despite the outage, customer count grew from 24,000 to 29,000+ in the following year — demonstrating remarkable customer loyalty.
Pricing
- Small business endpoint protection
- Next-gen antivirus + basic EDR
- Full EDR + threat hunting + identity protection
- Fully managed detection and response
Company Details
| Detail | Info |
|---|---|
| Company | CrowdStrike Holdings (NASDAQ: CRWD) |
| Founded | 2011 |
| CEO | George Kurtz (co-founder) |
| Headquarters | Austin, Texas |
| Employees | ~10,700 |
| Revenue (FY2026) | $4.81 billion (+22% year-over-year) |
| ARR | $5.2 billion (+24% year-over-year) |
| Market Cap | ~$102-110 billion |
| Customers | 29,000+ (~60% of Fortune 500) |
| Endpoint Market Share | 22.6% (number 1; IDC) |
| Website | crowdstrike.com |
Key Takeaways
- CrowdStrike Falcon is the number one endpoint security platform with 22.6% market share, 29,000+ customers, and $4.81 billion revenue
- Charlotte AI AgentWorks (RSAC 2026) enables custom security agent building with partners including Anthropic, NVIDIA, and OpenAI
- Recovered from the July 2024 global outage (8.5 million devices affected) with customer count growing from 24,000 to 29,000+
- Shadow AI Discovery and AI Runtime Protection address the emerging threat of unmanaged AI applications running across enterprise endpoints
