In a bold move to strengthen its leadership in the rapidly evolving field of identity security, global cybersecurity giant CrowdStrike has announced its acquisition of SGNL, a Palo Alto-based firm specializing in continuous identity security. The deal, which was made public on January 8, 2026, is set to transform how businesses manage access control across both human and non-human identities in the age of artificial intelligence (AI).
CrowdStrike, known for its Falcon platform and cutting-edge cybersecurity solutions, explained that this acquisition would allow the company to expand its capabilities in dynamic access control, enabling real-time evaluation and adjustment of access rights based on current risk conditions. This continuous, real-time security for identities—whether human, AI, or machine-based—reflects the growing need for more sophisticated measures to guard against the expanding threats posed by autonomous AI agents.
Strengthening Identity Security for the AI Era
CrowdStrike’s founder and CEO, George Kurtz, underscored the significance of the deal, emphasizing that AI agents—due to their superhuman speed and access—represent a new class of privileged identities that require robust security measures. With SGNL’s technology, CrowdStrike will be able to offer continuous access control that proactively mitigates risks, particularly those arising from both known and unknown gaps in legacy security protocols.
Kurtz said, “AI agents operate with superhuman speed and access, making every agent a privileged identity that must be protected.” He further explained that the partnership would enable CrowdStrike to set a new standard for identity security, which would be essential as AI plays an increasingly dominant role in cybersecurity.
This acquisition reflects the growing importance of identity security as a critical area within cybersecurity. According to research by International Data Corporation (IDC), the identity security market is expected to grow substantially in the coming years, with the market projected to reach $56 billion by 2029, up from $29 billion today. With AI-driven threats on the rise, the need for cutting-edge identity security solutions is more pressing than ever before.
The Role of Non-Human Identities in Modern Cybersecurity
One of the key drivers of the acquisition is the increasing prevalence of non-human identities in the workforce. As AI, automation, and other autonomous systems become more integrated into business operations, these non-human identities are now often granted high levels of access to critical data, applications, and compute resources. While this enhances efficiency, it also introduces significant new risks—especially as AI systems tend to operate independently, sometimes making autonomous decisions that could open the door to security vulnerabilities.
CrowdStrike’s integration of SGNL will allow the company to continuously evaluate the access rights of both human and non-human identities in real time. By doing so, CrowdStrike will be able to dynamically grant, deny, or revoke access as conditions change, ensuring that only authorized individuals and systems have access to sensitive resources.
This will help to close the security gaps created by traditional “standing privileges” where access rights are granted for long periods, often with limited oversight. The flexibility and adaptability of the new solution will be crucial in safeguarding modern enterprises as they embrace AI and automation in their operations.
SGNL’s Technology and Its Role in the Falcon Platform
SGNL, founded in 2021 by engineering and product experts from Google, Okta, and Microsoft, has developed a continuous identity platform that helps businesses enforce access control dynamically, based on real-time conditions. This technology is pivotal in an environment where traditional methods of granting and revoking access are increasingly inadequate to protect against the evolving landscape of cybersecurity threats.
With the addition of SGNL’s expertise and technology, CrowdStrike will enhance its Falcon platform’s ability to enforce dynamic access across all major identity systems, including cloud, hybrid, and on-premises environments. The key features of the integrated SGNL and Falcon platform will include:
- Eliminating standing privileges: The new system will remove the need for persistent access rights for both human and AI agents, addressing a major vulnerability in legacy identity systems.
- Access enforcement across all identity systems: The integrated solution will provide comprehensive coverage for all major identity systems, ensuring that access control is consistent and secure across diverse environments.
- Governance and downstream protection: The solution will help businesses ensure that their identity security policies align with governance frameworks and provide downstream protection for critical systems.
- Unified hybrid identity security: The combined platform will offer an integrated approach to securing identities across both on-premises and cloud environments, meeting the needs of modern enterprises.
Scott Kriz, co-founder and CEO of SGNL, expressed excitement about the acquisition, stating that the partnership would allow the company to scale its technology globally through CrowdStrike’s powerful cybersecurity platform. He said, “Joining CrowdStrike provides us with global scale natively through cybersecurity’s leading platform to transform enterprise security with continuous identity.”
The Deal and Its Impact on CrowdStrike
The financial terms of the acquisition have not been disclosed, though CrowdStrike noted that the deal will be paid predominantly in cash, with a portion of the deal structured in stock, subject to vesting conditions. The merger is expected to close during the first quarter of CrowdStrike’s 2027 fiscal year.
CrowdStrike, founded in 2011, is renowned for its cloud-native Falcon platform, which offers AI-driven threat intelligence, behavioral analytics, and prevention capabilities to protect organizations from cyberattacks. The company serves over 29,000 customers globally, including major firms like Google, Amazon, and the U.S. federal government.
By acquiring SGNL, CrowdStrike will further solidify its leadership in identity security, an area that is becoming increasingly important as organizations move toward more complex and distributed IT infrastructures. As businesses adopt more AI, machine learning, and automation technologies, the need for advanced identity security solutions will only grow.
Identity Security in the AI Era: A Growing Priority
As AI systems continue to evolve, the security of both human and non-human identities will be a key priority for organizations. The expansion of AI-driven systems and automated processes means that businesses need more sophisticated tools to control who and what has access to critical resources. The integration of SGNL’s continuous identity security platform into CrowdStrike’s Falcon offering will be instrumental in meeting these needs.
With its new capabilities, CrowdStrike aims to lead the charge in shaping the future of identity security, ensuring that organizations can safeguard both human and AI identities from emerging cyber threats. This acquisition underscores the growing importance of real-time, dynamic access control in a world where digital transformation and AI are reshaping how businesses operate and interact with their data.
A New Era for Identity Security
The acquisition of SGNL marks a significant step forward for CrowdStrike as it strengthens its position in the rapidly growing identity security market. With its continuous identity platform and real-time access control, the merged entity will be well-equipped to address the evolving challenges of securing human and AI identities in the AI-driven future.
As businesses increasingly rely on AI, automation, and machine learning to power their operations, the need for robust, scalable, and dynamic identity security solutions has never been more urgent. CrowdStrike’s integration of SGNL’s technology into its Falcon platform sets a new standard for identity security, ensuring that organizations can maintain control over who and what has access to their most sensitive resources.
