{"id":15442,"date":"2026-01-09T12:12:14","date_gmt":"2026-01-09T12:12:14","guid":{"rendered":"https:\/\/newestek.com\/?p=15442"},"modified":"2026-01-09T12:12:14","modified_gmt":"2026-01-09T12:12:14","slug":"crowdstrike-to-acquire-sgnl-for-740m-expanding-real-time-identity-security","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=15442","title":{"rendered":"CrowdStrike to acquire SGNL for $740M, expanding real-time identity security"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>CrowdStrike will pay $740 million to acquire identity security startup SGNL, adding real-time authorization capabilities that grant and revoke access based on current risk conditions rather than static permissions.<\/p>\n<p>The deal, expected to close in CrowdStrike\u2019s fiscal first quarter ending April 30, will be paid mostly in cash with some stock subject to vesting, <a href=\"https:\/\/www.crowdstrike.com\/en-us\/press-releases\/crowdstrike-to-acquire-sgnl-to-transform-identity-security-for-ai-era\/\" target=\"_blank\" rel=\"noreferrer noopener\">CrowdStrike said in a statement<\/a>.<\/p>\n<p>SGNL\u2019s technology sits between identity providers and resources, evaluating access requests using contextual data, including user behavior, device posture, and threat intelligence.<\/p>\n<p>The acquisition reflects growing concern about non-human identities such as service accounts, API keys, and AI agents that operate with broad permissions across cloud environments. Machine identities now outnumber human identities by as much as 82 to 1 in some environments, according to industry estimates cited by Gartner.<\/p>\n<p>\u201cAI agents operate with superhuman speed and access, making every agent a privileged identity that must be protected,\u201d CrowdStrike CEO George Kurtz said in the statement.<\/p>\n<h2 class=\"wp-block-heading\" id=\"filling-a-capability-gap\">Filling a capability gap<\/h2>\n<p>CrowdStrike is adding SGNL\u2019s capabilities to address this risk. The technology works with existing identity systems from Okta, Microsoft, and AWS rather than replacing them.<\/p>\n<p>\u201cThis isn\u2019t just consolidation \u2014 it fills a real gap in dynamic, risk-aware authorization,\u201d said Meng Liu, senior analyst at Forrester. \u201cAs AI agents and insider threats rise, static IAM is no longer enough.\u201d<\/p>\n<p>The approach differs from traditional identity and access management, which typically authenticates users at login and relies on periodic access reviews. SGNL evaluates access continuously, revoking privileges immediately when conditions change. For instance, if CrowdStrike\u2019s Falcon platform detects suspicious endpoint activity.<\/p>\n<p>\u201cSGNL offers continuous, contextual authorization that can make split-second decisions based on real-time signals, something traditional IAM systems have struggled with,\u201d said Apeksha Kaushik, principal analyst at Gartner. Gartner predicts that by 2028, 25% of enterprise breaches will be traced to AI agent abuse from both external and malicious internal actors.<\/p>\n<p>Analysts argue that the acquisition will not make CrowdStrike a competitor for IAM platforms. \u201cThis fills a specific capability gap around real-time identity threat detection and enforcement, an area where traditional IAM platforms are comparatively static,\u201d said Arjun Chauhan, practice director at Everest Group. \u201cMicrosoft and Okta primarily own identity lifecycle management, authentication, and access governance.\u201d<\/p>\n<h2 class=\"wp-block-heading\" id=\"market-consolidation-accelerates\">Market consolidation accelerates<\/h2>\n<p>The $740 million price reflects broader consolidation as cybersecurity vendors race to expand identity capabilities. The deal marks the latest in a wave of identity security acquisitions as platform vendors expand beyond core products. Liu compared the move to Palo Alto Networks\u2019 acquisition of CyberArk in 2025, noting both vendors are racing to combine detection and enforcement into a single platform.<\/p>\n<p>\u201cIdentity has become the center of gravity in cybersecurity,\u201d said John Paul Cunningham, CISO at Silverfort. \u201cWe\u2019re seeing clear segmentation emerge: pure identity security players, hybrid vendors trying to bolt identity into existing products, and large platform companies like Palo Alto Networks and now CrowdStrike expanding as part of broader security ecosystems.\u201d<\/p>\n<p>The identity security market is expected to grow from approximately $29 billion in 2025 to $56 billion by 2029, according to IDC data cited by CrowdStrike. The $740 million price follows <a href=\"https:\/\/www.computerworld.com\/article\/1646566\/noteworthy-technology-acquisitions-2021.html\">Okta\u2019s $6.5 billion purchase of Auth0<\/a> in 2021 and <a href=\"https:\/\/www.csoonline.com\/article\/571851\/top-cybersecurity-manda-deals-for-2022.html\">Thoma Bravo\u2019s $2.3 billion take-private of ForgeRock<\/a> in 2023.<\/p>\n<p>SGNL was founded by former Google employees and raised approximately $75 million from Costanoa Ventures and CRV before the acquisition.<\/p>\n<h2 class=\"wp-block-heading\" id=\"enterprise-adoption-questions\">Enterprise adoption questions<\/h2>\n<p>Whether continuous authorization becomes standard practice depends partly on how rapidly non-human identities proliferate. \u201cThe urgency is real, but uneven across enterprises,\u201d Chauhan said. \u201cIn client conversations, we increasingly see interest in adaptive and continuous authorization, especially in regulated industries, digital-native enterprises, and organizations with high levels of third-party or machine identity access.\u201d<\/p>\n<p>Most enterprises are not replacing traditional IAM. \u201cInstead, they are layering real-time controls on top of existing IAM to address gaps around insider risk, session-level anomalies, and post-authentication compromise,\u201d Chauhan said.<\/p>\n<p>The practical challenge is defining policies that adapt to dynamic conditions. Unlike role-based access control, continuous authorization requires organizations to establish baseline behavior patterns and acceptable risk thresholds.<\/p>\n<p>Integration details remain unclear. CrowdStrike has not disclosed when SGNL capabilities will be available to Falcon customers, whether they require additional licensing, or what changes to existing IAM configurations may be necessary.<\/p>\n<p>The acquisition is part of CrowdStrike\u2019s platform expansion spree following the <a href=\"https:\/\/www.cio.com\/article\/3476789\/crowdstrike-failure-what-you-need-to-know.html\">July 2024 software update incident<\/a> that caused widespread Windows system outages. The company reported fiscal third-quarter annual recurring revenue of $4 billion in December, up 25% year-over-year. <\/p>\n<p>\u201cThis should primarily be viewed as long-term platform expansion rather than a short-term recovery signal,\u201d Chauhan said. \u201cCrowdStrike has been steadily positioning itself as a broader cybersecurity platform for several years. The acquisition reinforces that trajectory and helps reduce overreliance on endpoint security alone.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>CrowdStrike will pay $740 million to acquire identity security startup SGNL, adding real-time authorization capabilities that grant and revoke access based on current risk conditions rather than static permissions. The deal, expected to close in CrowdStrike\u2019s fiscal first quarter ending April 30, will be paid mostly in cash with some stock subject to vesting, CrowdStrike said in a statement. SGNL\u2019s technology sits between identity providers&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=15442\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15442","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15442","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15442"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15442\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15442"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15442"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15442"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}