From theCUBE stage at CrowdStrike Fal.Con 2025 in Las Vegas, George Kurtz, founder and CEO of CrowdStrike, joins Dave Vellante and Rebecca Knight for a straight-shooting look at the agentic future of cybersecurity. The discussion digs into the era of the agentic SOC, why every second now defines the threat window and how CrowdStrike’s AgentWorks is enabling customers to build AI agents directly on Falcon’s data foundation. Kurtz unpacks the concept of “security AGI,” breaks down autonomy levels for the SOC and explains how annotated telemetry, MDR expertise and frontline IR feed model accuracy.
He also shares what it means for analysts to manage fleets of digital employees, why compliance will be key to AI guardrails and how AIDR ensures visibility and control over agent identities. The conversation covers tuck-in M&A like Pangea for prompt-layer protection and developer-first security, the platform-first approach behind 30 Falcon modules and the rise of Flex licensing with more than $3B in total value contracts. Kurtz makes the case for consolidating point tools onto the Falcon platform to cut risk and accelerate business, laying out a clear playbook for how AI is transforming roles, response and real-time defense.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
CrowdStrike Fal.Con 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For CrowdStrike Fal.Con 2025
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for CrowdStrike Fal.Con 2025.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
CrowdStrike Fal.Con 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to CrowdStrike Fal.Con 2025
Please sign in with LinkedIn to continue to CrowdStrike Fal.Con 2025. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
George Kurtz, CrowdStrike
From theCUBE stage at CrowdStrike Fal.Con 2025 in Las Vegas, George Kurtz, founder and CEO of CrowdStrike, joins Dave Vellante and Rebecca Knight for a straight-shooting look at the agentic future of cybersecurity. The discussion digs into the era of the agentic SOC, why every second now defines the threat window and how CrowdStrike’s AgentWorks is enabling customers to build AI agents directly on Falcon’s data foundation. Kurtz unpacks the concept of “security AGI,” breaks down autonomy levels for the SOC and explains how annotated telemetry, MDR expertise and frontline IR feed model accuracy.
He also shares what it means for analysts to manage fleets of digital employees, why compliance will be key to AI guardrails and how AIDR ensures visibility and control over agent identities. The conversation covers tuck-in M&A like Pangea for prompt-layer protection and developer-first security, the platform-first approach behind 30 Falcon modules and the rise of Flex licensing with more than $3B in total value contracts. Kurtz makes the case for consolidating point tools onto the Falcon platform to cut risk and accelerate business, laying out a clear playbook for how AI is transforming roles, response and real-time defense.
From theCUBE stage at CrowdStrike Fal.Con 2025 in Las Vegas, George Kurtz, founder and CEO of CrowdStrike, joins Dave Vellante and Rebecca Knight for a straight-shooting look at the agentic future of cybersecurity. The discussion digs into the era of the agentic SOC, why every second now defines the threat window and how CrowdStrike’s AgentWorks is enabling customers to build AI agents directly on Falcon’s data foundation. Kurtz unpacks the concept of “security AGI,” breaks down autonomy levels for the SOC and explains how annotated telemetry, MDR expertise a...Read more
exploreKeep Exploring
What is the impact of AI on the security industry and how is it changing the role of SOC analysts?add
What is AgentWorks and how does it allow customers to build their own AI agents, particularly in relation to data security and the comparison with other agent builders?add
What insights can be gained about CrowdStrike's data capabilities and their relevance to AI development?add
What is the role of a security analyst in the context of an agentic Security Operations Center (SOC) and the integration of AI?add
What are the management opportunities for AI agents in terms of security and data protection?add
>> Good afternoon, everyone, and welcome back to theCUBE's Live coverage of Fal.Con 2025, here in Las Vegas. I'm your host, Rebecca Knight, alongside my co-host and co-founder of theCUBE, Dave Vellante. I would like to welcome back to the show George Kurtz, the founder and CEO of CrowdStrike. Thank you so much.
George Kurtz
>> Always great to be here.
Dave Vellante
>> Great having you here.
George Kurtz
>> Yeah, always great to be here.
Rebecca Knight
>> Yeah. So, you were up on the main stage this morning talking about how cyber criminals and nation state actors are using AI to move at machine speed rates faster than ever. Enter the era of the agentic SOC. Tell our viewers what you mean by this.
George Kurtz
>> Well, when we think about how AI is transforming the world, it's also transforming what the adversaries are doing and the speed at which they're moving has changed dramatically. It used to be weeks, then days, then hours and minutes. Now, it's seconds. So, the challenge in the security industry, the challenge and the opportunity, is that the traditional SOC can't keep up. The SOC analyst is overloaded with alerts. There's too much coming in and there isn't enough time to get through all these alerts and understand what's happening at the speed at which the adversary's operating at. So, what I talked about was the agentic SOC and that really is leveraging AI, and its agents, to be able to provide the speed and the capabilities to do work on behalf of the SOC analyst. And I painted a picture where one day we're going to have an autonomous SOC analyst that is literally going to do the work of the analyst and then be controlled by the human as a fleet of agents. And one of our big announcements was our AgentWorks, which allows customers to build their own AI agents to get ahead of this threat.
Dave Vellante
>> I want to ask you about AgentWorks because it really caught my attention. You've announced I think seven agents, but you said that our customer is going to want to build their own agents. And I'm curious as to, and you also introduced the term that I hadn't heard before, security AGI, we coined the term enterprise AGI, meaning you're going to take your private data and it's not going to leak into the internet security. AGI, is that similar? But before I get there, you said that you're going to allow customers with agent to build their own agents and what popped in my head is, "Well, why would I use George's agent builder versus somebody else's?" And you answered the question right away, and the answer was the data. So, I'd like you to explain that you've used graph databases forever, so you've built a 3D, at least, maybe a 4D map of the security enterprise. Can you explain the secret sauce behind that?
George Kurtz
>> Sure. And I talked about this in the keynote, which is CrowdStrike really has the Reddit of security data. And when we think about AI, you cannot build these large-language models without the correct data. Over the history, and we're 14 years since I started the company here now in September, but over the history of the company, we've been able to create a massive data repository. One, in the telemetry that we get trillions of events per day from the sensors. Two, our managed detection response service, Falcon Complete. We were able, over the last 10 years, to actually annotate all of this threat data as we interacted with customers. So, sometimes it's better to be lucky than good. We didn't know gen AI was coming, but because of the way we actually labeled it all, it was perfect for all the training. And the third part is our threat intelligence group is always out on the forefront with all the latest indicators and trade craft. And the fourth piece is we're at the tip of the spear when we actually do incident response services. So, we've got a treasure trove of security data that goes into our AI agents. It's enriched with the customer's data because you need the customer data for what's relevant to them. And now, they get to build in one spot with all the relevant data on the CrowdStrike Falcon platform.
Dave Vellante
>> Okay. So, security AGI is kind of like our enterprise AGI where you have the capabilities and the tooling and the software, but you also need to blend that with the customer data, whether it's in energy or financial services, their own view of the world?
George Kurtz
>> Yeah. When we think about AGI, that's a ways off. When we think about just AGI in general, everyone's trying to get to that where you've got a level of consciousness that goes beyond humans and it's self-learning. And what we're focused on, and we're really first talking about this, is creating a technology that ultimately is security AGI. Meaning, we get to something that's beyond what a human can do and is self-operating, continuously learns and is fully-autonomous. I mapped out the autonomy levels, similar to what a car is. You have five levels of autonomy in a car. We want to get to the fifth level of autonomy for a security analyst, but ultimately, that's going to be security AGI and we're going to do it first.
Dave Vellante
>> You think it'll be harder to get there or easier to get there than it is full self-driving or will it be similar? I mean it's not trivial. This is aspirational
George Kurtz
>> I know it's not trival. And even if you look at Waymos are level four and they can pretty much drive themselves, but what I try to paint a picture is the SOC analyst, instead of this one-to-one relationship of an analyst dealing with a threat, it's going to be an analyst dealing with an army of AI agents, which is very similar to the autonomous car. We take a Waymo, right? It used to be a chauffeur, one chauffeur or driver to a car, that's a one-to-one relationship. Now, you've got many autonomous vehicles with someone in the cloud that's managing a fleet of vehicles. Guess what happens if a car gets stuck? Somebody in the cloud goes, "Oh, wait a minute, we got to give you different and we can get the car out." So, that's all level four. But ultimately, in driving as in security, we are going to get to a spot where these things can operate without any human intervention.
Rebecca Knight
>> So, I'm thinking about the future of work here and in terms of that human who's working hand-in-glove with the agents, how do you see a day in the life of a security analyst in this new era of agentic SOC?
George Kurtz
>> Right, exactly. And I think sometimes people get scared about AI, what does it mean for them and their role? And the reality is it's going to just allow people to do more and faster. And the day in the life is really the analyst checking in with its AI agents who have been working 24-7. In fact, if you can believe this, we have customers that are actually giving employee numbers to their AI agents, that's incredible. So, they're going to be checking in, but they're going to be managing a fleet of agents. And if they need another agent, they're going to create it, but they're going to be aware of each of their functions, they're going to talk to each other almost in a mesh network and they're going to come out with the right outcomes. So, really, you can think about them as they're digital employees that they're corralling to get the right outcomes and they're working 24-7.
Dave Vellante
>> So, we had Marc Benioff on recently, it was right after he wrote that article in the Wall Street Journal. I don't know if you saw it. He said, "We'll be the last set of managers that manage humans only." And so, how do you see that from a human capital management or an agent capital management standpoint? How are we going to manage agents? I think you gave the example, you might have 10,000 employees, you might have a million agents. What does that mean in terms of how we interact with them, how we manage them, the HR aspect?
George Kurtz
>> Well, they're all going to have to be managed and I think this is really where the opportunity is for CrowdStrike. If you think about what we did 14 years ago when we started the company, you're a human, you're on a computer that runs CrowdStrike, right? You have data, you have access to a workflow, you have access to systems outside of this computer. We manage that and we make it safe for you. Think about an AI agent. An AI agent has access to data, it has access to workflows, it has access to systems outside of your corporate network and it has an identity, it has its own identity. So, how we manage that is really, it's the first IDR-type technology, where we're able to provide guardrails and protection, but also, visibility. Like EDR, how can you have an AI agent that doesn't have EDR? Now, it's called AIDR, right? Think about any large company, pick a bank, could they ever deploy an agent that doesn't have visibility and control? If it goes off the rails, you have to know what did it touch? What did it do? What did it interact with? From a compliance standpoint. And I don't think people realize how much compliance is going to drive the protection around AI agents.
Dave Vellante
>> So, a couple acquisitions, you announced Onum a couple weeks ago, and I get that one. Pipelining, speed. You're all about speed. Go fast. Explain the Pangea acquisition. What was the rationale there?
George Kurtz
>> Well, it's fantastic technology. And like most of our acquisitions, we look at team and tech. It's a smaller company with a great team. I've known the founder for the better part of 30 years. He's done five companies, probably. He's very smart. He's got a great team. And essentially, they are focused on protecting those AI agents, protecting at the prompt layer. There's so many different attacks at the prompt layer, direct prompt injection, indirect prompt injection, looking at the sentiment, looking at the IDs and how it all operates. The cool thing about Pangea is they actually built technology for the developers as well as for the people who are consuming the AI technology off. Obviously you want to prevent as much as you can upstream and they do that. So, they really stood out as not only just protecting the prompts, but allowing technology to build, providing technology to build security in at the developer layer. And that's going to be a big part of our strategy when you put it on the Falcon platform.
Dave Vellante
>> When you do M&A, you have a particular philosophy. Again, it reminds me of ServiceNow. It's got to fit into the platform. You said, "No one company can do it all." Maybe some are trying to do it all. We've talked about this a little bit before, but it seems like acquisition after acquisition tucks in, fits into the platform. You do the work to integrate it. I mean, not that I mine a $25 billion acquisition of CyberArk. It's a good TAM expansion strategy, but you don't go there. You have a completely different philosophy. If you could explain that, I'd appreciate it.
George Kurtz
>> Well, my philosophy is I'm always long-term thinking, right? And what's best for the company, what's best for our customers, what's best for our customers is a single platform. It's not two platforms, it's not three. And now it's not four. Customers don't want four platforms. I mean it's just masking it as a point product. And ultimately what companies are dealing with when they acquire all these technologies is digital taxidermy. I mean it looks alive, but it's Frankenstein underneath. That's what it is. So, we take the time and effort to build the right technology and our brand promise to our customers. We're going to integrate it all. If it takes us a little bit longer, we're going to integrate it all. When we buy something, we have a view of when we're going to integrate that and we can make sure we're going to integrate it. Something so big and unwieldy and technology that was developed in 1999 is not an easy integration for anybody, so we stay away from that.
Rebecca Knight
>> So, you call this the cybersecurity space race. Who are you racing against, beyond the bad guys? And what does winning look like?
George Kurtz
>> Well, winning for us is making sure our customers are protected, that's the win for us. In terms of how we get there, if we are providing the best technology, if we are the first to provide a fully-autonomous SOC analyst, if we're the first to enable a SOC to do more with less and to provide the best outcomes in a period of time that can't even be imaginable, that's the win for us. And there's going to be others that are going to try to get there before us, but I think we've got the right dataset, the right people, the right focus, the right platform that we can win this race to security AGI.
Dave Vellante
>> So, I want you to school me on this. So, I wrote a piece this weekend. It was CrowdStrike from Product to Platform: How CrowdStrike Navigates to Durable Growth. And one of your people pinged me and said, "Dave, we've always been a platform." Now, of course, but your customers haven't always thought of you as a platform. Are they beginning to think of you as a platform? First question. And then, we were here for the Charlotte announcement, how's that going? What's the uptake look like? And same with Falcon Flex, love the all-you-can-eat, just makes it fast sell for customers. Can you give us the update there?
George Kurtz
>> Well, I mean the reality is when I started the company, we had one module. When we IPO'd, we had 10. We have 30 now. We've been a platform for a long time. And the key is you have to look at our stats, and we give them out every quarter, of how many customers by percentage adopt our modules. And whether it's 6, 7, 8 or 9, it's a huge percentage. So, customers have been consolidating on us for a long time and there's only a few platform players in security and we're one of the big ones. Falcon Flex is a game-changer because we've really pioneered a new license model. It's not a consumption model, it's a commitment model and we have everybody copying it. They don't even change the name. I mean, they're not even creative enough to change the name.
Dave Vellante
>> Call it Flex.
George Kurtz
>> They call it Flex, their own Flex. So, why do they do that? Because they saw the success. We have over $3 billion in Falcon Flex total value contracts. And at the end of the day, we make it simple for our customers to buy. We make it simple for them to consolidate on our platform and we get rid of these procurement cycles and we open the entire product catalog. Guess what happened after the acquisitions? Customers who are on Flex came up to me and they said, "When can I get Pangea?" I said, "As soon as the deal's closed, it'll be on the price book. You could pull it down. You don't have to wait months for all these new SKUs and everything else or a new procurement cycle." That's the future. And that's again, not only pioneering technology but pioneering the license mechanism.
Dave Vellante
>> And my point when I chose the title was I really sensed an industry shift. I mean, you're ahead, of course. Are you seeing customers being able to reduce the number of suppliers in their stack? I mean, they've struggled to do that for years. Obviously, you have some examples, but I'm asking broader in the industry, do you see that trend?
George Kurtz
>> Absolutely. Every time we have a conversation with a customer, they look at the modules and we build a roadmap. And it's really a journey of where they start and the other technologies they have. They have way too many agents. They have way too many point products, whether that's in vulnerability management, whether that's in IT hygiene, whether that's in cloud, any number of areas. They have way too many of them. And with a Flex license, you know what they say? "We've got Flex dollars. We've got CrowdStrike. What's the next module?" They're making buying decisions based upon what we have our ability to consolidate and our ability to help them consume those Flex dollars.
Rebecca Knight
>> So, I want to put you in a bit of a reflective mood. There's 8,000 people here, that's huge. You founded this company 14 years ago. You said you're a long-term thinker. What's next?
George Kurtz
>> It's a great question. The great thing about security is it really is a function of technology. And if we believe that AI is the future and we believe AI is going to be, we're going to have more AI in a year, two and five years, I can't even imagine the security you're going to need because as I talked about in my keynote, security parallels the slope of the technology curve. So, it really doesn't matter what technology does, there's always going to be a play for security. This is a beauty, right? We win as long as technology evolves. And if I'm a betting man, I'm going to bet that technology's going to continue to evolve at a more rapid pace than ever, and we're going to be there to solve part of the security challenges of that new technology.
Dave Vellante
>> I really liked the keynote this morning when Michael sat down with the head of cyber from the White House. We were talking about this, Rebecca, definite change in tone, much more collaborative than the previous administration was finger-wagging at the industry. And I want to ask you a public policy question. Michael Dell, when he went private, used to talk about the 90-day shock clock. Of course, now he's public again, he's happy to report quarterly. And of course, the president was saying that he wants to change the reporting to twice a year. I would imagine that's something that you would like, but I'd like you to reflect on that because it seems to be working, the quarterly shot clock. United States companies dominate. You're a long-term thinker, you have to report quarterly, it puts pressure on people. What are your thoughts on reporting only twice a year? Is that something you would favor?
George Kurtz
>> Well, I mean, obviously, we're going to do whatever the regulatory requirements are, but you look at an Amazon as an example. For many years they said, "Hey, we're just going to invest." And they conditioned their investors. They were going to incur these losses and they didn't really care about the quarterly results. And then, boom, you could see the benefits of it. That was long-term thinking. And obviously, what we've been focused on, as a founder, is we want to be a generational security company. We're here for the long haul. We've gone through all the gates. We are one of the fastest-growing companies ever. And I think we have a unique opportunity to be the number one security company now and in the future in security. And we'll deal with the quarterly results and we work with our investors. But at the end of the day, we always want to make sure that our investors know we're focused on investing for the long-term, not making short-term decisions because a lot of decisions can be made for the short-term that look good for the next 90 days. We won't do that. We won't cut corners and we'll make it for the next year, 2, 3 or 5 years or 10 years down the road. And that's always been my philosophy.
Dave Vellante
>> But you're super supportive of startups and you're seeing fewer and fewer IPOs. As a company being public, there's benefits, better exposure. Actually, maybe you're not using your stock to do acquisitions, but you could.
George Kurtz
>> Yeah, we could. Well, we've got plenty of cash, right?
Dave Vellante
>> You've got like $5 billion on the balance sheet.
George Kurtz
>> We've got $5 billion plus cash. We've been very frugal with our cash. I think we've been very diligent on our acquisitions. When you look at these, we're getting great teams in tech. We're not paying for go-to-market, right? The go-to-market is us, the machine. You drop it in and it's going to go. Onum, it's going to go to the roof. Pangea, It's going to go to the roof. So, when I look at our opportunities of public companies, there's only a few... I don't know, probably less than 10 public companies. I have to do the math. It's hard to be public. It's not easy. And I always say, "The good news is we're public and the bad news is we're public." That's the world we live in, but there's a lot of benefits. We can go out, we can acquire these companies. There's a lack of liquidity for investors right now, and we can tag team with these entrepreneurs who they couldn't get acquired by a lot of companies. You know where they want to come? CrowdStrike because we're going to give them the capital they need to succeed. We're not going to stifle them. I've been acquired two times. I know what to do and what not to do. We want to add water and let them grow. We don't want to kill them. And entrepreneurs love the fact that they're teaming up with another entrepreneur. I just happen to be running a 10,000-person company.
Dave Vellante
>> I mean, you could probably be a lot more profitable if you wanted to dial down your growth, but you see a huge TAM in front of you. I mean, there's no reason to do that at this point in time. You're profitable enough.
George Kurtz
>> Yeah, so if you look at our cash-flow generation, it's incredible.
Dave Vellante
>> Yeah, 22% .
George Kurtz
>> It was like 24% last quarter. It's going to be even greater down the road. You look at our growth rate's in the 20-plus percent at scale. We're a $4.5 billion type company. The rule of 40 is crazy for our size. So, we've got all the right ingredients and we're in the right market. We're going to add gas and continue to grow.
Dave Vellante
>> And the TAM is enormous. What does AI do for the TAM? I mean-
George Kurtz
>> It just expands it. This is what I'm trying to say. I don't think people-
Dave Vellante
>> Yeah, for sure, but 3X? 10X? Hard to tell.
George Kurtz
>> I mean don't think people really, yeah, understand. If we made a really big business protecting every PC, we're going to make an even bigger business protecting every AI agent.
Dave Vellante
>> Amazing.
Rebecca Knight
>> That's a great note to end on. George Kurtz, always a pleasure having you on. Thank you so much.
George Kurtz
>> Great. Thank you so much.
Dave Vellante
>> Thank you.
Rebecca Knight
>> I'm Rebecca Knight for Dave Vellante. Stay tuned for more of theCUBE's live coverage of Fal.Con 2025. You're watching theCUBE, the leader in enterprise tech news and analysis.
Rebecca Knight
Dave Vellante