CrowdStrike Expands the Agentic Security Workforce, Trained on the Knowledge of Elite Analysts

CrowdStrike announced the expansion of its Agentic Security Workforce, introducing new mission-ready agents that extend the Falcon platform and drive the evolution of the agentic SOC. Building on the first wave of agents introduced at Fal.Con 2025, new agents bring agentic automation to common Falcon platform tasks such as app creation and data onboarding, accelerating outcomes and liberating analysts to focus on the strategic decisions that strengthen security.

“If agents are expected to think, reason, and act like an expert analyst, they must be trained on expert experience, not legacy playbooks,” said George Kurtz, CEO and founder of CrowdStrike. “That’s the difference between static automation and true intelligence – playbooks train automation, people train intelligence. CrowdStrike’s agents learn from the world’s best SOC operators, giving them the judgment to act autonomously and the discipline to stay under defender command.”

Delivered through Falcon platform modules, the Agentic Security Workforce unites existing agents trained on millions of Falcon® Complete SOC decisions across prevention, detection, investigation, and response, with new agents that streamline common tasks based on real-world platform usage and expertise. Unlike automation platforms trained on machine-generated playbook data, CrowdStrike agents inherit expert human judgment to reason over massive datasets and take autonomous action as an elite analyst would. New and updated agents include: