![Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VIDEO]](https://assets.crowdstrike.com/is/image/crowdstrikeinc/video-ATTCK2-1?wid=530&hei=349&fmt=png-alpha&qlt=95,0&resMode=sharp2&op_usm=3.0,0.3,2,0)
![Qatar’s Commercial Bank Chooses CrowdStrike Falcon®: A Partnership Based on Trust [VIDEO]](https://assets.crowdstrike.com/is/image/crowdstrikeinc/Edward-Gonam-Qatar-Blog2-1?wid=530&hei=349&fmt=png-alpha&qlt=95,0&resMode=sharp2&op_usm=3.0,0.3,2,0)
I’m excited to announce CrowdStrike’s agreement to acquire SGNL, a leader in identity-first security. This acquisition will extend CrowdStrike Falcon® Next-Gen Identity Security to deliver continuous, context-aware authorization for human, non-human, and AI agent identities across SaaS and hyperscaler cloud environments. As risk conditions and threats change, access to applications, data, and AI agents should change with them.
The identity attack surface has quickly expanded, first fueled by the rapid adoption of cloud identity providers and more recently, by the explosive growth in SaaS and AI-powered applications. Non-human identities (NHIs), including service accounts, API keys, and AI agents, often work autonomously and function as high-privilege identities with access to data, applications, compute resources, and other AI agents.
These identities are created in SaaS applications and hyperscaler workloads and operate across distributed cloud access paths. As the agentic workforce expands and non-human identities multiply, organizations must ensure they only provide identities with the privileges needed to operate for the amount of time required.
Today’s challenges require a new approach to securing privileged access, one that continuously evaluates identity risk and dynamically grants or revokes access as conditions change — something legacy access models and PAM solutions built on static policies and standing privileges were never designed to do.
With SGNL, Falcon Next-Gen Identity Security will deliver continuous, context-aware authorization by leveraging all of the CrowdStrike Falcon® platform’s comprehensive threat intelligence and risk signals, replacing static access with dynamic privilege management that eliminates standing privileges for every human, non-human, and AI agent identity. This adaptive approach transforms traditional identity and access models into an intelligent, risk-aware system built for today’s requirements.
Modern Identity Protection for the AI Era
Falcon Next-Gen Identity Security secures the full hybrid identity lifecycle by bringing together initial access prevention, privileged access management, identity threat detection and response, SaaS identity security, and agentic identity protection. As machine identities proliferate, organizations require a modern control plane for all identities that is powered by real-time risk assessment and continuous dynamic authorization.
SGNL provides the runtime access enforcement layer that sits between modern identity providers and the SaaS and hyperscaler resources that employees and NHIs access. As part of Falcon Next-Gen Identity Security, SGNL will receive risk signals from the Falcon platform, identity providers, SaaS applications, cloud environments, and enterprise context sources. It will use these signals to monitor identity risk in real time and grant, deny, or revoke access as threat conditions change. If there is a login from an unusual location, suspicious endpoint state, or other risk signal, SGNL provides an immediate response, continuously maintaining security across hybrid environments.
Below are more details on the capabilities SGNL will bring:
Zero Standing Privileges Across All Identity Types
SGNL replaces static privileges with risk-aware permissions that grant access to SaaS and cloud resources the moment it’s needed, and revoke it the moment it’s not. Security teams can define fewer, more adaptable policies for human and non-human identities that adjust privileges based on real-time risk and contextual data. Because it sits in the middle of the process of granting and receiving access, SGNL provides continuous authorization control to eliminate standing privilege access across every identity.
Unified Identity Fabric
SGNL creates a unified identity fabric that acts as a continuous control plane across every identity type. It delivers comprehensive, real-time visibility by continuously ingesting and centralizing telemetry from the Falcon platform, identity providers, SaaS applications, cloud environments, and enterprise context sources such as ServiceNow. This unified view provides consistent, context-rich intelligence to reduce the identity attack surface.
As part of this, SGNL will extend the just-in-time access now available in Falcon Next-Gen Identity Security, which currently supports Active Directory and Entra ID, to include AWS IAM, Okta, and other cloud identity and SaaS systems. This will broaden our reach and strengthen identity security posture across complex hybrid environments.
Identity Governance and Downstream Protection
SGNL will enhance the Falcon platform’s asset intelligence and identity governance with CAEP-driven enforcement, which will be integrated into CrowdStrike Falcon Fusion SOAR. This will revoke access beyond the identity provider to protect downstream applications and services and prevent misconfiguration-driven breaches.
Our Mission to Secure Every Identity
The explosive growth in SaaS and AI-powered applications has dramatically expanded the identity attack surface as machine and AI agent identities multiply across organizations. These identities are essential to how businesses operate and essential to how adversaries gain and maintain access.
We are committed to providing our customers with the technologies they need to protect every type of identity in the AI era. In 2025, we launched Falcon Next-Gen Identity Security, Falcon Privileged Access, and FalconID. We also announced our acquisition of Pangea to secure enterprise AI development and use across the identities, data, models, agents, infrastructure, and interactions that make up the AI lifecycle.
This innovation will continue with SGNL. Falcon Next-Gen Identity Security already secures the full hybrid identity lifecycle. SGNL will further strengthen its protection with continuous dynamic authorization and elimination of standing privileges across human, non-human, and AI agent identities. It will also expand just-in-time access to support additional identity providers, which is critical for organizations running complex hybrid environments.
With SGNL integrated into Falcon Next-Gen Identity Security, delivered through the unified Falcon platform, CrowdStrike will drive the next generation of identity security, built to meet today’s requirements and proactively stop identity-based attacks.
Forward-Looking Statements
This blog contains forward-looking statements, including statements regarding the closing and benefits of the proposed acquisition. These statements involve risks and uncertainties, and actual results may differ materially. There are a number of risks which could cause actual results to differ materially, including the satisfaction of the acquisition’s closing conditions, our ability to integrate SGNL, and other risks described in the filings we make with the Securities and Exchange Commission from time to time.
