CrowdStrike and IBM have expanded their strategic partnership with a clear focus: making Security Operations Centers (SOCs) faster, smarter, and more automated using AI.
The announcement was made at the RSA Conference 2026, where both companies outlined how their technologies will work more closely together. At the center of this collaboration is the integration of CrowdStrike’s Charlotte AI with IBM’s Autonomous Threat Operations Machine (ATOM). The goal is simple but powerful-automate how threats are detected, investigated, and contained, all at scale.
As part of the expanded partnership, CrowdStrike’s Falcon platform will continue to serve as the backbone of IBM Consulting’s managed security services. It will also play a key role in IBM’s global X-Force Cyber Range simulations, which are designed to prepare organizations for real-world cyberattacks.
Recent data from the CrowdStrike 2026 Global Threat Report and IBM’s X-Force highlights just how urgent this evolution is. The average eCrime breakout time has dropped to just 29 minutes, while the fastest recorded breach happened in only 27 seconds-leaving very little room for manual response.
To address this, the two companies are rolling out a coordinated AI-powered defense system. By combining Charlotte AI with IBM’s ATOM, organizations can move toward autonomous threat containment across their entire digital environment.
Daniel Bernard, Chief Business Officer at CrowdStrike, emphasized the impact of this integration, noting that Charlotte AI will enhance investigation, containment, and response capabilities-while IBM’s ATOM and cyber threat services stand ready to tackle increasingly sophisticated modern threats.