CrowdStrike has announced an agreement to acquire identity security company SGNL, a move the company says is intended to strengthen its ability to manage access and privilege as organisations increasingly deploy AI-driven and non-human identities.
Under the deal, CrowdStrike will integrate SGNL’s Continuous Identity technology into its Falcon platform, extending its identity security capabilities beyond traditional human users to include non-human identities and autonomous AI agents. Financial terms were not fully disclosed, although CrowdStrike said the transaction will be funded primarily in cash, with a portion paid in stock subject to vesting conditions. The acquisition is expected to close in the first quarter of CrowdStrike’s FY27, pending regulatory approvals.
The announcement comes as identity security becomes a central concern for organisations adopting cloud services, automation and agent-based AI systems. According to industry estimates cited by CrowdStrike, the identity security market is projected to grow rapidly over the next several years as the number and diversity of identities with system access continues to expand.
SGNL provides a runtime access enforcement layer that sits between identity providers and the SaaS and cloud platforms users and systems access. Its technology continuously evaluates identity, device posture and behavioural signals to dynamically grant or revoke access, rather than relying on static policies or long-lived privileges.
CrowdStrike said this capability will allow it to extend dynamic, risk-based authorisation across SaaS platforms and hyperscaler cloud environments, addressing limitations in traditional access models that assume fixed roles and persistent privileges. These models, the company argues, are poorly suited to environments where AI agents and machine identities are created and operate dynamically, often with elevated permissions.
CrowdStrike founder and CEO George Kurtz said AI agents introduce new challenges because of their speed, autonomy and access to sensitive systems, effectively making them high-privilege identities.
“With SGNL, CrowdStrike will deliver continuous, real-time access control that eliminates the gaps created by legacy standing privileges,” Kurtz said. “This is about rethinking how privilege and access are managed as AI becomes part of the workforce.”
CrowdStrike said its Falcon platform already brings together multiple identity security functions, including initial access prevention, privileged access management, identity threat detection and response, and SaaS identity security. By adding SGNL’s continuous access enforcement, the company aims to link real-time threat intelligence with live access decisions across hybrid, cloud and SaaS environments.
SGNL CEO and co-founder Scott Kriz said the company was founded to address the risks created by standing privileges that persist long after access is required.
“Legacy access models expose organisations to significant risk in modern environments,” Kriz said. “Joining CrowdStrike gives us the scale to apply continuous identity principles more broadly across enterprise security.”
If completed, the acquisition would further consolidate CrowdStrike’s position in the identity security market, which is increasingly shaped by the convergence of endpoint protection, cloud security and identity governance. It also reflects a broader industry shift away from static access controls toward continuous, context-aware authorisation models designed to respond to real-time risk.
