CrowdStrike CEO George Kurtz On Explosive AI Growth Potential For Partners

‘The [partner] organizations who figure out how to harness agentic AI to provide a solution are going to do really, really well,’ Kurtz tells CRN.

CrowdStrike is investing to provide “foundational” platforms for solution and service provider partners to fully capitalize on the massive cybersecurity growth opportunities ahead related to AI and agents, according to CrowdStrike co-founder and CEO George Kurtz.

In an interview with CRN last week during RSAC 2026, Kurtz pointed to CrowdStrike announcements such as the launch of new partnerships around Charlotte AI AgentWorks, which is the company’s no-code platform for security agents.

With the new Charlotte AI AgentWorks Ecosystem collaboration, partners such as Accenture, No. 1 on CRN’s 2025 Solution Provider 500, are enabled to create AI agents that are finely tuned to provide specific security outcomes for customers, he said.

It’s just one example of how the cybersecurity giant is doubling down on providing the AI and security capabilities needed to drive partner growth during the next technology wave focused around agentic, Kurtz said.

All in all, “when we think about the ability for AI to help partners, I think their business is going to explode,” he said. “The [partner] organizations who figure out how to harness agentic AI to provide a solution are going to do really, really well.”

During the interview with CRN, Kurtz also spoke about key areas of cyber risk that are increasingly fueled by AI as well as the reacceleration of endpoint security as a category amid the agentic boom.

Meanwhile, the CrowdStrike CEO addressed the debate on Wall Street over whether LLM-powered tools such as Claude Code Security could displace existing cybersecurity platforms—noting that the recently announced tool from Anthropic is focused on vulnerability scanning rather than preventing breaches.

There’s no question that CrowdStrike ultimately remains “in a great position for customers and to be part of the [security] solution going forward,” he said.

In addition, Kurtz discussed the expansion of CrowdStrike’s partnership with Microsoft, most recently involving the addition of Microsoft Defender for Endpoint support in CrowdStrike’s Falcon Next-Gen SIEM offering.

What follows is more of CRN’s interview with Kurtz.

When it comes to AI being used by threat actors, what advancement is CrowdStrike seeing there? How much is it accelerating attacks?

If you look at the breakout times that you’ve seen with our threat reports, it was 48 minutes down to 29 minutes, from getting on a system to pivoting and lateral movement. The fastest time was 27 seconds. What we’re seeing is AI is being used in all these attacks, in some to automate the entire tool chain. In others [AI can] help an attacker who is on a system and maybe is not as familiar with it. So you’ll see a PowerShell script be created, and you’ll see other automation that we know is generated from an AI tool. So it’s helped them, even if they don’t have specific expertise in every platform that they might land on. We’ve dramatically seen the window that a defender had being compressed from a vulnerability or a zero-day becoming public to when it’s being exploited. A lot of companies have a three-day patch window. Well, if the breakout time is 29 minutes, then your patch window is way different than your breakout time. We’re also seeing more adversaries being created because [AI is] minting new adversaries with less skill. But when you combine that with an agentic tool, they have a lot of skill. So you’re creating more adversaries with a higher level of sophistication just because they’re leveraging AI.

In terms of AI agents, what are the biggest security risks that you see?

I think [the risk] is really around the OpenClaw model where you’ve got agents that are running in the context of the user on your desktop, with access to all your data files, with everyone plugging in their credentials to plug into Box and Dropbox and Google Drive and their email and every other thing that’s out there. [If agents are] having access to shells, having access to data and workflows—how do you even know what’s going on? In February there were a whole bunch of malicious skills that got introduced into OpenClaw. [Then there are] latent attacks—if you’re poisoning memory, that’s not going to show up for a while. [Attackers] have the ability to get a supply chain attack in and just wait. So this is really scary stuff.

When it comes to endpoint security, what are you seeing there in terms of reacceleration of demand because of AI?

The endpoint is really the manifestation of where AI takes place. And a lot of people for years have said, ‘Is the endpoint [growth] slowing down?’ There’s all kinds of other technology. Well, it’s not. And in fact, even with our latest two quarters of results, you can see core endpoint protection accelerating because people need to observe what’s happening on the endpoint, they need to put governance around it and they need to protect it. And that’s what we’re delivering. We’re in the best position to be able to do that because we’re already doing that for humans. And now we’re doing that for agents. We've enhanced and adapted the technology that people depend on. We call it AIDR, which includes our core technology as well as some of the things we’ve gotten from Pangea as well as Seraphic. But the tip of the spear now, where AI happens, is on your desktop.

You have put out some strong statements that tools such as Claude Code Security will not be able to replace what vendors like CrowdStrike are offering. Since then, have you seen more proof that the position you spelled out is the right one?

In talking to customers that have seen it—and lots of folks have seen it—they wholeheartedly agree. I keep asking, ‘Has there been any [instance where] Claude Code actually prevented a breach?’ I haven’t seen it yet because No. 1, it’s not in-line, and No. 2, it’s not deterministic. And I think, from the standpoint that I outlined, if you’re a net data creator and you’re a platform of record, that puts you in a great position for customers and to be part of the solution going forward. There’s a lot of great things that are happening with Claude and Claude Code. We’re huge fans. But it’s just way different. You can’t look at scanning code and say that it’s going to solve every security issue. Because I can tell you, even if there were zero vulnerabilities in every piece of code that’s ever been written, that’s not going to stop the breaches. It’d be a great thing for the world, but it’s not going to stop the breaches.

What would you say are the biggest ways CrowdStrike is working to ensure that AI is used securely?

A big part of it is really trying to help, in security, come up with something that is realistic. On the one hand, you see companies that are like, ‘Hey, we’re going to throw AI at everything—and if stuff breaks, we’ll deal with it.” And other companies are like, ‘Hey, this stuff is dangerous, and we don’t know what to do with it.’ You’ve got to come in somewhere in the middle. I think what security companies like CrowdStrike can do is [we can] help enable AI. Because foundationally, it’s going to change the world and has changed the world. You just need to be able to provide governance and protection around the use of it in a way that can help facilitate all the benefits to customers. You need security, and you need governance and compliance—and you’re not going to just get that from an LLM.

In terms of announcements [at RSAC], you added Microsoft Defender for Endpoint support in your Next-Gen SIEM offering. How does that advance the offering?

When you can get telemetry from almost any source into Next-Gen SIEM, I think it’s a good thing. And obviously, there’s a lot of Microsoft customers out there running Defender. And having the ability to ingest that and leverage that is good for customers and good for us. It further expands the data that we can take in and how we leverage Charlotte [AI] and her friends.

What are the major updates when it comes to Charlotte?

I think when you look at AgentWorks, that’s part of the Charlotte family. And that’s one of the things that we’re really excited about—the ability for our customers and partners to actually create their own security agents. Obviously, they’re going to be using the data that’s in Next-Gen SIEM and the platform itself. And if you have Defender data in there, then you have more opportunity to create broader workflows around that. We’ve listened to our customers, and while we have our own agents, they want the ability to rapidly create their own security agents for a specific task. And at this point, things are evolving very quickly. But it’s creating these sort of swarms of agents that are specific in their area of focus—and then it’s combining those together and having Charlotte orchestrate all that for our customers. That’s one piece specific to Defender. And then when we think about our partners, Accenture is one of the big ones—where partners like Accenture will be able to create their own agents for their customers. At the end of the day, I think the big thing from a security perspective is getting the right outcome. So if you look at an Accenture or other partners like that, they’re going to figure out what their customers want—what outcome they want—and then use technologies like Falcon and AgentWorks to be able to get that outcome for them.

What is your message for channel partners about the opportunities related to AI?

One of the things that I will talk about [in my RSAC keynote] is that autopilot in a plane has actually produced more pilots, not less pilots. So when we think about the ability for AI to help partners, I think their business is going to explode. Just asking a question and getting an answer [from AI]—that’s 2022. But you have so many customers who have a specific use case for how to implement agentic AI. Do we use NemoClaw? Do we use OpenClaw? Do we use something else? Do we use Claude Code? And you’re going to need to build solutions that actually create an outcome. So I actually think there are going to be different skill sets. But the [partner] organizations who figure out how to harness agentic AI to provide a solution are going to do really, really well. And that’s why we're excited about AgentWorks because we see that as being a foundational platform for security.

Going back to Next-Gen SIEM, you just disclosed that your ARR in the category is up 75 percent year over year. What does the expansion of the Microsoft partnership do for that business?

I think if you just zoom out a little bit, what we announced [previously is] being on the Microsoft marketplace. And then we announced the fact that customers could [utilize] Microsoft Azure credits. So now in the marketplace, customers can essentially use their Azure spend to procure CrowdStrike. And then the follow-up to that is, how do we take in Microsoft telemetry to expand the ecosystem and Next-Gen SIEM? What we’ve seen typically is that people who are using Next-Gen SIEM tend to use more of it because when they get it, they [see] it’s much more performant than the legacy technology that it was replacing and it’s much more cost-effective. So they’re looking to put more and more into it, which ultimately means they’re spending more with us. But they’re getting more value out of what we’re providing versus what they had. I think if you look at our partners and the hyperscaler marketplaces, we’ve done extremely well. So as an example, we did $1.5 billion with AWS. And prior to this relationship, we had zero with Microsoft. So I think you just have to look at the opportunity in front of us. Obviously, they’re a big player. It’s great for both joint customers to be part of the marketplace, and we look to expand that relationship and grow it over time.

As far as the Microsoft partnership goes, it seems evident that these are much bigger business collaborations compared to what you were doing initially following the 2024 incident. Would you say the partnership has become a lot more strategic recently?

I think you have to look at [the fact that] 10 years ago, the ecosystem was very different—probably for both companies and [industrywide] for many companies. And today, there is just a recognition that there’s this level of co-opetition. If you look at Microsoft, one of their big partners is OpenAI and one of their big competitors is OpenAI. So in 2026, it’s just a different ecosystem. And I think there’s a recognition by both companies that we’re going to compete in areas, but we also are going to partner. And if we can get great outcomes for the customers that benefit both companies, that’s a good thing.