George Kurtz, Founder, President and Chief Executive Officer of CrowdStrike, talks with theCUBE Research’s Dave Vellante at the RSAC 2025 Conference about the expanding role of artificial intelligence in cybersecurity. Their conversation explores how AI is shaping threat detection, adversary behavior and platform design.
Kurtz outlines what he calls the “AI paradox,” where rapid AI adoption brings both opportunity and risk. He emphasizes the importance of controlled data, proactive AI agents and integrated platforms to help customers manage growing attack surfaces.
The discussion also touches on the impact of geopolitics on cybersecurity strategies. Kurtz explains how evolving global tensions are influencing spending patterns and reinforcing the need for adaptable, resilient security solutions.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For RSAC Conference 2025
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for RSAC Conference 2025.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
RSAC Conference 2025. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to RSAC Conference 2025
Please sign in with LinkedIn to continue to RSAC Conference 2025. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
George Kurtz, Crowdstrike
George Kurtz, founder, president and chief executive officer of CrowdStrike, talks with theCUBE Research’s Dave Vellante at the RSAC 2025 Conference about the expanding role of artificial intelligence in cybersecurity. Their conversation explores how AI is shaping threat detection, adversary behavior and platform design.
Kurtz outlines what he calls the “AI paradox,” where rapid AI adoption brings both opportunity and risk. He emphasizes the importance of controlled data, proactive AI agents and integrated platforms to help customers manage growing attack surfaces.
The discussion also touches on the impact of geopolitics on cybersecurity strategies. Kurtz explains how evolving global tensions are influencing spending patterns and reinforcing the need for adaptable, resilient security solutions.
George Kurtz, Founder, President and Chief Executive Officer of CrowdStrike, talks with theCUBE Research’s Dave Vellante at the RSAC 2025 Conference about the expanding role of artificial intelligence in cybersecurity. Their conversation explores how AI is shaping threat detection, adversary behavior and platform design.
Kurtz outlines what he calls the “AI paradox,” where rapid AI adoption brings both opportunity and risk. He emphasizes the importance of controlled data, proactive AI agents and integrated platforms to help customers manage growing att...Read more
exploreKeep Exploring
What are some challenges organizations are facing when it comes to implementing AI technology within their own organizations?add
What are the capabilities and benefits of agentic AI in terms of enhancing workflow automation and improving customer outcomes?add
What are the trade-offs and benefits of a more open approach to security technology compared to a closed mega platform that does everything?add
What are some examples of how geopolitical tensions can lead to an increase in cyber security attacks and incidents?add
What is the potential impact of AI agents evolving in terms of security and market opportunities?add
>> Hi everybody. We're back live here at RSAC 2025. You're watching theCUBE's Day Three coverage. George Kurtz is here, founder, CEO of CrowdStrike, CEO of the year. Congratulations.>> Thank you.
Dave Vellante
>> I was joking with you, you got to go for the decade, George.>> We're working on it.
Dave Vellante
>> Thanks for taking some time with us.>> more time.
Dave Vellante
>> Really appreciate it.>> Yeah. Good to be here.
Dave Vellante
>> How's the show going for you this year?>> It's great. I think it's the Davos of security. It's meeting lots of customers, and prospects, and a few talks that we have thrown in there. So, busy week for us, but good week.
Dave Vellante
>> Yeah, you've had some announcements. We'll get into some of that, but I want to start with the AI... I call it the AI paradox. You've got people trying to move fast.>> Yeah.
Dave Vellante
>> Maybe they're not trying to break things anymore, but they still want to move fast. They're trying to adopt AI, and then you've got this expanded attack surface as a result. How are you seeing organizations manage that conundrum, and how are you helping them?>> Well, it's a real challenge for a lot of organizations. I think when they first had that ChatGPT moment, it was like, "Wow, this can change things." Then they started thinking about how they would actually implement it within their own organizations, and really what we saw is people trying to figure out, "Well, where's our data going?" That was the first step. "Where does it all go? How do we control it?" And once they kind of got a handle on that, and some of the frontier type guys put some guardrails around it, then it was, "How do we use it within our own organization? How do we get value out of it, and what does it really mean?"
So, from the standpoint of AI, I mean, we're still in the early innings, and I think everyone's trying to figure out how they can use it, how they can control the data, how they get the results in a secure way. And to be honest, in a lot of areas, what's keeping people up at night is just the wild wild west of AI everywhere, and the onslaught of AI agents that, what I would call have the super user capabilities that can do a thousand things in a second, interacting with data, interacting with other third party connectors, and it's got a lot of people staying up late at night.
Dave Vellante
>> We had Mark Benioff on last week, and he calls Copilot's Clippy, and he actually, he made a great statement. He said, "Don't confuse, I'm a marketing guy.">> Yeah.
Dave Vellante
>> And he's a technical too, but he said, "Don't confuse what I say here." He goes, he had some respect for what they're doing, but it was interesting, because we are going from kind of Copilots now to this agentic, and Charlotte, which you introduced, I want to say two Fal.Cons ago, right?>> Yeah.
Dave Vellante
>> Actually. I think you demoed it at Black Hat, I think, originally, didn't you? Is that right?>> I think it was Fal.Con years ago.
Dave Vellante
>> Was it Fal.Con?>> Yeah.
Dave Vellante
>> Maybe you demoed it, but I think you were maybe talking about it like->> Yeah, it was coming. Yup.
Dave Vellante
>> Yeah. Okay. It was really the first time. And that's obviously changing the whole SOC analyst profile. So, what's the update on Charlotte AI? How are people using it? And I want to understand, I want to dig in a little bit, as to how it relates to some of the deterministic AI that you've been working on for a decade.>> Well, when you look at agentic AI, I mean there's a couple elements. You have to go beyond just sort of the Clippy stuff, the chatbots, and we really set along that journey before there was even the term agentic AI. We were thinking beyond chatbots, wiring it into a workflow, and getting real outcomes for customers. And one of the things that we now have done is, and part of what agentic AI is, you can set policies, and you can have these sort of AI agents do work on your behalf, so they can start proactively researching, and pulling information together, start proactively looking at incidents, and summarizing those, and kind of figuring out what an analyst would do without necessarily all the prompting. So, that's one of the things around AI response. The second piece of that is then AI workflows is, okay, now that you have all this data, how do you automatically create an autonomous response? And we've got a tremendous amount of workflow capabilities wired into the platform with things like Falcon Fusion, which are all now tied into Charlotte AI. So we've taken that step from more just prompting it, to having the automation be built in, and have it start to think, and reason, and analyze the problem and then take action.
Dave Vellante
>> So, the deterministic AI, not new to you guys. As the adversaries then get ahold of LLMs, and things like ChatGPT, and gen AI, how has that changed the game? I think you guys made some announcements this week. You've had agents announcements, you've got three or four or five other announcements that I'd like to dig into. But how has it changed the game, and what did you have to do to accommodate that? It's not like you had to do a big rewrite, at least I haven't heard about it.>> Nope.
Dave Vellante
>> I'd like to help people understand why that is, because you have an architecture for that, but you obviously had to respond. So, maybe you could take us through that.>> Well, I think, I mean, if you just step back, and you think about AI, let's kind of go through the couple of pieces. When I started the company, it was an AI company, it was just machine learning at the time. And obviously things have evolved with gen AI, but the big piece of this is, I've always believed that data is a key part of solving the security challenge. And if you have the right data, and it's curated data, and it's annotated data, then it unlocks the power of AI. So if you take something like Charlotte AI with our automated threat hunting, we took 10 years of Falcon Complete, which is our MDR service, and we trained it on what the best analysts in the world are looking at. And sometimes it's better to be lucky than good. We had all that data and it was all annotated. We didn't know how... This was before agentic AI, or gen AI was even a glimmer in somebody's mind. So, from that perspective, we had all this data. It was all kind of curated, and ready to be trained, and then we were able to put that in action with Charlotte AI. But with respect to these sort of models, we made some announcements on being able to scan, and look for vulnerabilities in different models, and really down the path of helping people put some guardrails around implementing AI, because it really is, at this point, the wild wild west. And there's a lot of controls that you need from data, to training, to inference, and everything in between, and we want to be a leader in that space.
Dave Vellante
>> I wonder if you could address your data strategy, and how it relates to your platform strategy. I've heard you say recently, we've gone from a world, and you've probably said this several times, from best of breed tools and products, versus suites, and now we're talking best of breed platforms, and coming back to the data. So, my understanding on your platform strategy is you connect in with partners, you don't do everything to everybody, and you just said, as long as you have access to the right data. So, what are the trade-offs, and benefits of your approach versus saying, "We got to bring everything into one mega platform that does everything?">> Yeah, I think that's maybe where we differ from a lot of other players in the industry is that we are open, and many of our competitors are closed. They want to do everything. They want to keep everything in their platform, and you need to have everything they have to try to make their technology work. We don't necessarily subscribe to that approach, because in security, for me, security parallels the slope of the technology curve. So, since the early '90s, and when I got into security, the slope of the technology curve has gone all the way up to the right, and you have all these security players that have to create security technologies to protect all these new technologies. My point is, there isn't one platform to rule the world. It just isn't. I wish there was, it's not us, it's not any of our competitors. But what we do, we're really good at, and I think the key for customers is the openness of the platform. The areas that we don't play in, we're very clear what we don't do. We're not a firewall company, as an example. The others can do that, but we can consume data from these other third parties, and we can combine that with our first party CrowdStrike data, and then we can create a seamless experience across the platform in terms of hunting, in terms of AI, in terms of outcomes, and we think that's best for customers. Stay true to what you do really well, and the customers want to be able to plug these platforms together, and have one plus one equals three.
Dave Vellante
>> So do you think what happens here, I mean it's amazing, still, how many security companies there are out there. Funding continues. What do you think is going to happen? Do you feel like there's going to be... Because there's clearly a trend toward consolidation in the industry. Okay, we still got a lot of players, but this whole idea of platforms, what do you think is going to happen? Is it going to be fewer larger players, a couple of platform winners, you guys, Palo Alto, Microsoft, clearly heading down that road, maybe some others get in there, and you just get bigger, and bigger, and bigger? But you're challenged obviously to keep best of breed, and the technologies, you just addressed that. Or do you think it's going to be continue to be this high velocity tools creep, next best thing type of industry?>> Well, I think it's a little bit of both, because if you think about the technology curve, and you subscribe to the fact that it's going to continue to go up to the right, there's just going to be new technologies, which I believe, there's always going to be new stuff that's coming out. You're going to need smaller companies with bespoke offerings to protect those technologies. And then ultimately a platform player like ourselves, either we may come out with something that fits the bill, or we may acquire one of those companies. So, I think the platform players will get larger and stronger, and it creates this data moat, which we've always talked about, like we've got 13, 14 years of data. There's a lot of data gravity around that. So, the industry is very unique. If you look across other industries, operating systems, or databases, or go down the list, there's only a few big gorillas, and there isn't 7,000 companies. But because security is so unique, and it parallels the slope of the technology curve, you're always going to have new companies. So, that's part of the excitement about being in security. It's also maybe some of the frustrations of customers, where there's so many new things that are coming out of them, and all these little piecemeal parts that they have to deal with. But ultimately, customers want fewer vendors. They want platforms that do what they say they're going to do, and get better outcomes, and reduce time and cost, and ultimately, with the outcome of stopping the breach, and reducing just the overall impact, and overhead to an organization.
Dave Vellante
>> So you think about the software industry, I mean, you're a software company, but you think about the application software business, highly fragmented, but you do have a few, SAP, and Oracle, and ServiceNow. So maybe it starts to look more like that, because you still have a zillion specialized software companies out there, right?>> Yeah, and you're still going to have the specialists, and either those specialists become features of a platform, or they get bought.
Dave Vellante
>> Okay. What are you seeing in terms of... The other thing I was sharing with you, some of our survey results, we definitely saw indications that geopolitical tensions were causing shifts in spending patterns, that people were spending... I mean, all the spending, because there's headwinds out there. Cybersecurity is not immune from it either, but it seems to be performing better than a lot of sectors, as you know. But, we definitely saw in the data that people were changing their spending patterns as a result of geopolitical tensions, and even seeing greater threats, direct threats as a result of that. Have you seen that in your data?>> Well, we've certainly seen the direct threats element. And when we think about geopolitical tensions, every nation state wants to know what's happening behind the scenes. You take China as an example. They've already been successful in getting a behind the scenes look on how we think about tariffs, right? That's what they do, in attacking some of the government entities that are out there. So, whenever there's geopolitical tensions that are on the rise, the cyber security attacks and incidents continue to go up in parallel with those. And again, it's something that creates opportunity for companies like CrowdStrike.
Dave Vellante
>> I've heard you speak about the threat landscape, and you described it as a pyramid.>> Yeah.
Dave Vellante
>> Top of the pyramid, you got nation states, then you got organized crime, and then you got hacktivists, I think you called them.>> Yeah, good memory.
Dave Vellante
>> Yeah, right. I listened to a lot of your stuff, and you made a really good point. There's not a lot of those nation states. There's enough of them. There's plenty of them, but they're really sophisticated, organized crime is more... Activists, there's a zillion of them. But, what you've said is AI has somewhat democratized that capability. Are you seeing those lines blur, particularly between say, organized crime, and the nation states, or even hacktivists, where they're recruiting mercenaries from the hacktivists, the nation states that is? Are you seeing those lines blur?>> They're absolutely blurring, and they were blurring even before the big push around AI.
Dave Vellante
>> Yeah. Interesting.>> When you look at some of the nation state techniques, they became available, they were maybe leaked, or they became available in some fashion based upon how they were actually used or weaponized. And once they are known, then immediately they flow to the bottom parts of the pyramid. Obviously, the e-crime groups tend to pick that up very quickly, who are sophisticated. They may not come out with all the latest and greatest techniques, but they can take something and use it. It's like the ability to create a nuclear weapon. It takes a lot of know-how to be able to do that. But if somebody left one hanging around, they can pretty much copy it, and if they had everything available to them. So that's the way you want to look at it. And what we found is that through AI, it's this democratization process, what we call the democratization of destruction. You're now minting new adversary groups with even lower sophistication. You can essentially use a lot of these different LLMs to help you create new attacks. They can be used to understand where vulnerabilities are. They can actually create and weaponize new exploits. And what we're seeing is the window of time a company has to be able to sort of patch these zero days is dramatically shrinking. And security really is a function of time. And it used to be a few days that you had, and then it was a day, then it was a few hours. It's going to be like minutes. And the fastest sort of breakout time that we talked about in our latest report was like 51 seconds of someone getting onto a system, and then exploiting it, and pivoting, and moving away. So, I've been to a lot of RSAs, and unfortunately every year I come and go, "Yeah, it's still getting worse."
Dave Vellante
>> Yeah.>> It's getting worse.
Dave Vellante
>> What'd you say? 58 seconds?>> 51.
Dave Vellante
>> 51 seconds, down from like what, 72?>> Well, that was the fastest, but essentially it was, I think 68 minutes of breakout last year. I think it was 42 minutes this year, or something like that. And then the fastest one was, I'm talking averages. The fastest one was like 51 seconds.
Dave Vellante
>> Amazing. So, I want to go back to your platform strategy, and your data strategy, and your modules. You're like, remember the worm drive? Write once, read many?>> Yep.
Dave Vellante
>> That's kind of like you guys. You collect the data once, and then you apply it to different modules. So, that's how you stay on that technology curve. One of the things I like best about Fal.Con, the event, is when I break from theCUBE, I go over, you have this little startup corner.>> Yeah.
Dave Vellante
>> And I like to talk to those guys to see what they're doing, because those are the guys that are on the technology curve.>> Yeah.
Dave Vellante
>> So my question to you is from an architectural standpoint, I mean, are you selecting those startups in a way that you're bringing them in to integrate with your platform, in case there's a right fit that you can fill for your customers? What's your philosophy around that? How do you ensure that architectural discipline with your M&A?>> Well, we always take a customer-centric approach first. Like where do we see demand? And potentially, where do we have a gap that either we want to fill through a partnership, or something that maybe we're going to build in the future. So a lot of these partners, again, are being driven by customer demand. Hey, there's a small private player that's solving this problem. It's good technology, and they just don't have the scale and the reach that we have, but they can integrate with our technology, our platform, our APIs to come out with a better outcome for our customers. And we take that approach of not everybody gets into our ecosystem, but if there's demand, if there's fit, if there's a problem that we want to solve, and ultimately it's good for the customer, we'll put them in. And we've jump-started many companies just by being on our platform. It's incredible. It's like the Apple Store. If you weren't on the Apple Store, you were nowhere. Right?
Dave Vellante
>> Right, right.>> So, that is a good thing. And it does have the secondary purpose of, "Hey, if you're already integrated, you work well, and there's a great demand, that could be potentially a M&A candidate."
Dave Vellante
>> So you said you've been to a lot of RSAs, and it's like... I'm sure you get the question a lot. "I've spent more on cybersecurity every year. How come I'm not safer?" Right? I mean, you get there every year. Do you ever think there's going to be an answer to that question?>> Well, I think when you look across the security maturity curve, right? If you're making progress every day, and you're moving up the curve, that's the direction you want to head. Is there absolute security? No, I don't know that there'll ever be absolute security. I mean, 30 plus years of RSA, and we're still solving password issues, authentication, they just replay themselves. And unfortunately, where we are today is just the human is the weakest in the link. And now what we're seeing with AI agents is all the human elements that we care about, who has access, identity one, who has access to what, where does the data flow? That's kind of a slower process of you and I clicking on a mouse and getting something from a human perspective. But now with an AI agent, you can do 1,000 tasks in a second, and it's like having a super user on steroids that has no guardrails. So, is it going to get better? I think it's just going to continue to evolve, but every company needs to make progress every day. And that really is the judge of being better, and I think companies like CrowdStrike have technology and a platform that dramatically help. I talk to customers, they say, "You're the number one control we have. You find 80% of the things, and you prevent 80% of the things that are out there." So, we look at what we can control, and if a customer is moving forward, not backwards, that's a good thing.
Dave Vellante
>> Well, and I shared with you, I'll just mention it, latest ETR survey, 500 respondents last week. As you think about the most innovative cybersecurity vendors, what names come to mind? Number one, 35% said CrowdStrike. And the second, actually, the second was interesting, was some other vendor. So other was number two. It's rare actually in these surveys that other is not number one.>> Interesting. Yeah.
Dave Vellante
>> So that's kind of cool.>> And I think it goes back to the roots of the company, and driving innovation in everything we do. Even though we're a bigger company, public company, we've got lots of people, et cetera. It's all about driving innovation, and having... When I started the company, I had this mindset of being insurgent, and disrupting the established players, the McAfee, the Symantecs of the world, et cetera. And when you get to scale, you have to be a scaled insurgent, right? You still have to think about every day, going to bed and thinking about, "Who is going to beat me? What other startup, or who's coming along that wants to beat us?" And if you go to bed thinking about that, it really drives innovation, and we've really fostered that culture, and we've got great customers that give us a lot of fantastic ideas, and work with us as joint development partners.
Dave Vellante
>> A couple of years ago, we're talking about gen AI, and then we're talking about protecting LLMs, and now we're talking about agentic. What do you want to be able to say next year, that you're not able to say right now?>> Well, as AI agents evolve, and that's the buzzword of the year at RSA. Every year, it's some buzzword. One year it was threat intelligence, then it was XDR. Now it's gen AI, or agentic AI. We'll, as security people, always come up with some .
Dave Vellante
>> It's like fashion.>> It's like fashion. Like what's in fashion here? But the ability... Just think about what we do today with protecting endpoints and workloads, which is a huge market for us. But when then you think about AI agents that essentially are super user humans in the form of software, that have all the access, and have all the same challenges, and can go off the rails just like a human, that exponentially opens up a massive opportunity for CrowdStrike in the market today, because all of those agents are going to need to be protected, just like the humans need to be protected, just like the systems need to be protected. So, that's the exciting part about where things are going, is as technology evolves, we get to do more things, but we need more security and more guardrails around it to keep people safe.
Dave Vellante
>> George Kurtz, thanks so much for coming on theCUBE again. We really appreciate you making some time for us. I know you're super busy.>> Always a pleasure.
Dave Vellante
>> All right, good deal.>> I look forward to it. Thanks.
Dave Vellante
>> We'll see you at Fal.Con, and if not earlier, we'll be at Black Hat. I'm sure you guys will be there as well.>> I will be there. Thank you.
Dave Vellante
>> All right, cool. All right, keep it right there. We'll be back with our next guest from RSAC 2025. You're watching theCUBE.
Dave Vellante