SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Glowing cloud shield identity security ai access control network
#
SaaS
#
Hybrid Cloud
#
PAM

CrowdStrike to buy SGNL to boost AI-ready identity security

Fri, 9th Jan 2026
Author image
By Sean Mitchell, Publisher

CrowdStrike has agreed to acquire identity security specialist SGNL in a deal that the US cybersecurity group says will extend its Falcon platform into "continuous" identity enforcement across human, machine and AI users.

The company said it had signed a definitive agreement and expected the transaction to close in its first quarter of the 2027 financial year, subject to regulatory approvals and other customary conditions. The price will be paid mainly in cash, with a portion in stock subject to vesting.

CrowdStrike plans to fold SGNL's technology into Falcon Next-Gen Identity Security. It aims to apply real-time risk signals from its existing platform to control access across software-as-a-service applications and large cloud environments.

George Kurtz, CEO and founder of CrowdStrike, said AI-based software agents were changing how identity security operated. "AI agents operate with superhuman speed and access, making every agent a privileged identity that must be protected," said Kurtz. "With SGNL, CrowdStrike will deliver continuous, real-time access control that eliminates the known and unknown gaps from legacy standing privileges. We're disrupting the premise of modern privilege and access - for every identity, human or machine. This is identity security built for the AI era."

Growing identity market

CrowdStrike framed the deal against a rapid expansion in identity security spending. Market researcher IDC expects the segment to grow from about USD $29 billion in 2025 to USD $56 billion by 2029.

The company said the rise of non-human identities and what it described as an "agentic workforce" had increased exposure to attacks. These non-human identities include software agents that access data, applications, computing resources and other agents across complex, cloud-based environments.

CrowdStrike argued that many organisations still rely on access models based on static policies and standing privileges. It said these models do not reassess risk as conditions change and do not revoke access dynamically when threats emerge. The company positioned continuous risk evaluation and dynamic authorisation as requirements for identity security in environments where AI agents operate autonomously.

Falcon Next-Gen Identity Security already covers several functions. These include initial access prevention, privileged access management, identity threat detection and response, SaaS identity security and what CrowdStrike calls agentic identity protection. The platform correlates identity, asset and threat data across endpoints, cloud infrastructure and SaaS tools.

Role of SGNL

CrowdStrike described SGNL as a runtime access enforcement layer that sits between identity providers and the SaaS and cloud resources that people, non-human identities and AI agents use.

SGNL technology will use real-time signals from the Falcon platform to evaluate identity, device and behaviour. It will then grant, deny or revoke access as those conditions change. CrowdStrike said this approach removes standing privileges across identities and environments.

Planned features from the combination include access enforcement across major identity systems beyond Microsoft Active Directory and Entra ID. CrowdStrike said it would extend so-called Just-in-Time access to systems such as AWS IAM, Okta and other cloud identity and SaaS platforms.

The company also highlighted integration with its Falcon Fusion security orchestration and automation product. It said this would use Continuous Access Evaluation Protocol to revoke access beyond the identity provider and reduce misconfiguration-driven breaches by cutting off access to downstream applications and services.

CrowdStrike added that it intends to apply the combined tools across on-premise, SaaS and cloud environments. It said this would address identity risks from initial access through to privilege escalation and lateral movement by attackers.

Founders' view

SGNL develops technology that links access decisions to business context, such as roles and current tasks. It has positioned its approach as a way to replace static privilege assignments with decisions made at the moment an access request occurs.

"SGNL was founded to connect access decisions with business reality," said Scott Kriz, CEO and co-founder of SGNL. "The world needs our technology to eradicate the significant risk that legacy standing privileges expose in today and tomorrow's environments. Joining CrowdStrike provides us with global scale natively through cybersecurity's leading platform to transform enterprise security with Continuous Identity, furthering CrowdStrike's mission of stopping breaches."

After completion, CrowdStrike expects to integrate SGNL's technology and operations into its wider product organisation. The company said the proposed acquisition remains subject to regulatory clearance and other standard closing conditions.

Related stories
Capture The Bug adds US tech leaders for North American push
Cyb3r Operations raises $5.4m to tackle cyber risk
Asimily boosts Cisco ISE with new device microsegmentation
Deepfake boom fuels relentless wave of celebrity scams
Visionplatform.ai adds AI agents to Milestone XProtect

Top stories

Rubrik launches CXO Visionaries for cyber & AI leaders
Lancom gains AoG status for New Zealand government IT
Dropzone AI hires leaders to drive EMEA & APAC push
Cloudflare: outdated apps stifle APAC AI investment gains
Rubrik unveils sovereign cloud to keep sensitive data local