CrowdStrike has announced a definitive agreement to acquire SGNL, a leader in Continuous Identity security, in a move designed to fundamentally transform privilege and access management for the age of AI agents. This acquisition will integrate dynamic, real-time authorization capabilities into the CrowdStrike Falcon® platform, aiming to eliminate standing privileges and secure access for human, non-human, and AI identities across SaaS and cloud environments.
CrowdStrike signs definitive agreement to acquire Continuous Identity leader SGNL.
The acquisition aims to secure human, non-human, and AI agent identities with dynamic access control.
SGNL's technology will enable real-time access grant/revocation based on Falcon platform risk signals.
It extends CrowdStrike's identity security beyond traditional directories to AWS IAM, Okta, and SaaS.
The move targets the rapidly growing identity security market, projected to reach $56B by 2029.
The deal is expected to close in CrowdStrike's first quarter of fiscal year 2027.
The acquisition is a direct response to the new risks posed by AI agents that operate with high privilege and speed. George Kurtz, CEO and founder of CrowdStrike, emphasized the shift: “AI agents operate with superhuman speed and access, making every agent a privileged identity that must be protected. With SGNL, CrowdStrike will deliver continuous, real-time access control that eliminates the known and unknown gaps from legacy standing privileges.” This approach seeks to replace static, policy-based models with a system that continuously reassesses risk as threat conditions evolve.
SGNL functions as a runtime access enforcement layer between identity providers and critical resources. By integrating with the Falcon platform, it will use real-time intelligence on identity, device, and behavior to dynamically grant or revoke access. Scott Kriz, CEO and co-founder of SGNL, highlighted the combined potential: “Joining CrowdStrike provides us with global scale natively through cybersecurity’s leading platform to transform enterprise security with Continuous Identity, furthering CrowdStrike’s mission of stopping breaches.” This will extend Falcon’s Just-in-Time access capabilities across a broader set of cloud identity and SaaS systems.
The addition of SGNL is positioned to complete CrowdStrike's vision for a unified Next-Gen Identity Security suite. It aims to secure the full identity lifecycle—from initial access prevention and privilege management to threat detection and now, continuous authorization. The integrated system promises to enhance identity governance and provide downstream application protection by leveraging protocols like Continuous Access Evaluation Protocol (CAEP) within the Falcon® Fusion SOAR framework.
This strategic acquisition underscores CrowdStrike's focus on consolidating security functions into its platform to address the complex, dynamic access challenges introduced by AI and cloud-native development.
About CrowdStrike
CrowdStrike, a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft, and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting, and prioritized observability of vulnerabilities.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.