CrowdStrike has agreed to acquire SGNL to deliver continuous, risk-based identity access for human, machine, and AI identities across cloud environments.
CrowdStrike said it has signed a definitive agreement to acquire SGNL, a move aimed at strengthening its position in next-generation identity security as artificial intelligence reshapes enterprise access models.
The acquisition will allow CrowdStrike to extend continuous, real-time authorization across software-as-a-service platforms and hyperscaler cloud environments, applying dynamic access controls to human users, non-human identities, and AI agents. By integrating SGNL’s technology with CrowdStrike’s Falcon platform, the company says it can move beyond static, standing privileges toward access that is continuously granted and revoked based on real-time risk.
“AI agents operate with superhuman speed and access, making every agent a privileged identity that must be protected,” said George Kurtz, CrowdStrike’s chief executive and founder. He said the combination would eliminate gaps created by legacy privilege models and set a new standard for identity security in the AI era.
Identity security has become one of the fastest-growing segments in cybersecurity. According to IDC, the market is expected to grow from roughly $29 billion in 2025 to $56 billion by 2029, driven in part by the rapid expansion of non-human and agentic identities.
As AI-driven workloads proliferate, these identities often operate with high levels of privilege across distributed cloud environments. Traditional access models, built on static policies and long-lived credentials, are ill-suited to reassess risk or revoke access as conditions change, leaving organizations exposed as AI agents act autonomously.
Also Read: Why Seasonal Hiring Puts Data Security at Risk
CrowdStrike said its Falcon Next-Gen Identity Security platform already unifies identity threat detection and response, privileged access management, SaaS identity protection, and hybrid identity security. SGNL adds a runtime enforcement layer between identity providers and the cloud and SaaS resources that users and agents access.
Powered by Falcon’s real-time risk signals, SGNL continuously evaluates identity, device, and behavioral context to dynamically grant, deny, or revoke access. The approach is designed to eliminate standing privileges, extend just-in-time access beyond traditional directories to systems such as AWS IAM and Okta, and improve downstream protection through continuous access evaluation and automated response.
“SGNL was founded to connect access decisions with business reality,” said Scott Kriz, chief executive and co-founder of SGNL. He said joining CrowdStrike would give the technology global reach and help reduce the risks posed by legacy access models.
Also Read: Edition 3: Tech Leaders Turning Complexity into Clarity
Under the terms of the deal, the purchase price will be paid primarily in cash, with a portion in stock subject to vesting conditions. CrowdStrike said the transaction is expected to close in the first quarter of its 2027 fiscal year, pending regulatory approvals and customary closing conditions.
The acquisition underscores a broader shift in cybersecurity toward continuous, risk-aware identity controls as enterprises adapt to an increasingly automated and AI-driven workforce.
