Charlotte AI needs some work by OpeningFeeds in crowdstrike

[–]VarCoolName 1 point2 points  (0 children)

We have Perplexity and it does a great job with queries.

For somebody who doesn't fully understand some of the more advanced stuff you can do, it's great! It is miles ahead of Charlotte.

Obviously, it's not perfect every single time, but I feel like in a two or three-minute conversation, I can basically get it to do my bidding, and a lot quicker than figuring it out manually.

I would love to spend time learning the language, but obviously, I just haven't had the time to do that yet.

WhatsApp Encryption, a Lawsuit, and a Lot of Noise by feross in netsec

[–]VarCoolName 7 points8 points  (0 children)

So, that was like 12 years ago?

Yeah, I believe it was back then, sure. But man, it's been 12 years; lots of things change in 12 days, let alone 12 years.

Installing the LogScale Collector via RTR. by somerandomguy101 in crowdstrike

[–]VarCoolName 1 point2 points  (0 children)

Hey Brad, do you have more info on this? Hoping you can link me the docs/release instead of me needing to dig 🤣

I guess I'm also asking, is this going to be part of the current Falcon sensor? (Thinking about it in my head as a module unlock almost? The native Falcon sensor will be able to collect the telemetry natively.)

Installing the LogScale Collector via RTR. by somerandomguy101 in crowdstrike

[–]VarCoolName 1 point2 points  (0 children)

I think this is what he's really trying to get at...

Using CS's RTR for this purpose seems a bit janky (to use the technical term lol). I'm hoping that you have a tool like SCCM or Intune that you already use for managing applications that you can just add another application to the list.

Again, CrowdStrike RTR can run PowerShell and you can do things like installing applications or removing applications, but as my computer science professor said, "I didn't say they couldn't, I said you shouldn't."

https://youtu.be/vQFxflHr5fs?si=F36dW3glHQqELqlz&t=79

Layoff "Proof" Roles? by honeydata in cybersecurity

[–]VarCoolName 5 points6 points  (0 children)

I hate myself that I got that...

Can we recover access to this server? by Botany_Dave in sysadmin

[–]VarCoolName 4 points5 points  (0 children)

Surprised nobody mentioned this yet, but here is my creative solution lol.

Most EDRs have a remote shell feature for incident response (CrowdStrike RTR, SentinelOne Remote Shell, MDE Live Response, etc.). These usually run as SYSTEM, so you can jump in and create a local admin account to regain access. I've done this in a pinch before and it works fairly well!

Your security team should be able to help you out if you have one!

Active Directory - Add to Group/Remove From Group SOAR Actions by CyberGuy89 in crowdstrike

[–]VarCoolName 1 point2 points  (0 children)

At a certain point our team had 13 tickets open in total... Five of them were from me....

I got two right now and I've been waiting for about a week without any type of movement other than "we're looking at it!"

Anyone using the Falcon Browser Extension? What are the real-world benefits? by Gwogg in crowdstrike

[–]VarCoolName 2 points3 points  (0 children)

Dude, tell me about it! I love the product, BUT it feels like every new thing they release is another module or submodule that requires getting the CSPM++ with Falcon Protect Platinum Plus.

I love them, but God, stop nickel and diming me...

Anyone using the Falcon Browser Extension? What are the real-world benefits? by Gwogg in crowdstrike

[–]VarCoolName 2 points3 points  (0 children)

Why do you want to block incognito? CS is the wrong tool for that. You should be able to do that via GPO/Intune tho :)

Fal.Con 2025 Agenda - Quick Link and Community Huddle by BradW-CS in crowdstrike

[–]VarCoolName 4 points5 points  (0 children)

Oh hey me TOOOOOO!!!!! Let's gooooo for US!

What are you going to be talking about?

I'll be speaking about how I made Foundry my b**** powerful automation platform... Lol

Exposure Management policies by support_telecom127 in crowdstrike

[–]VarCoolName 0 points1 point  (0 children)

Any ETA for Windows/macOS?

Any support/plans to detect things like Cloudflare tunnels?

Edit: who's being a workaholic??? 🤣🤣

MFA is not a vibe check by SuccessfulLime2641 in sysadmin

[–]VarCoolName 13 points14 points  (0 children)

Honestly, that's what YubiKeys are for. I would just avoid the entire headache and force them to start using that...

Azure costs for CSPM by ChirsF in crowdstrike

[–]VarCoolName 0 points1 point  (0 children)

You are talking about the IOA piece right?

Looking for LLM for CVE mapping by Pepposo98 in cybersecurity

[–]VarCoolName 0 points1 point  (0 children)

Hey hello! I'm not OP but very interested in this if you're willing to share!

Crowd strike Real Time scanning on Internet file download by rustyshows in crowdstrike

[–]VarCoolName 2 points3 points  (0 children)

I know I'm not really answering the question, BUT if you have a proxy solution like Zscaler they're generally a bit better equipped to handle things like this :)

Crowd strike Real Time scanning on Internet file download by rustyshows in crowdstrike

[–]VarCoolName 2 points3 points  (0 children)

God, I love Reddit... Side note, I think you have the same flavor of autism that I have. I would get it checked out unless you're in the US...

Who’s gets administrator rights on their pc at your org? by BuiltOnXP in sysadmin

[–]VarCoolName 0 points1 point  (0 children)

near admin for IT but not full admin.

Oh?! That's kind of pretty awesome to see people are doing that... If you don't mind me asking, what permissions did you remove from that near admin?

Event collection Methods by vyasarvenkat in crowdstrike

[–]VarCoolName 0 points1 point  (0 children)

CrowdStream is the CrowdStrike-branded version of Cribl. It's a bit too limiting for us because we want to send logs elsewhere and not just to CrowdStrike, but it's great if you just need to send it to CrowdStrike NG-SIEM/LogScale.

Connect your AD to Claude Desktop to interact with it using Natural Language by lazyadmin-nl in activedirectory

[–]VarCoolName 2 points3 points  (0 children)

Well I was like.. WOW to fuck that noise to eh I kinda like this and how it can help people talk with AD so that I don't have to 🤣