{"id":15470,"date":"2026-01-14T12:08:20","date_gmt":"2026-01-14T12:08:20","guid":{"rendered":"https:\/\/newestek.com\/?p=15470"},"modified":"2026-01-14T12:08:20","modified_gmt":"2026-01-14T12:08:20","slug":"crowdstrike-to-add-browser-security-to-falcon-with-seraphic-acquisition","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=15470","title":{"rendered":"CrowdStrike to add browser security to Falcon with Seraphic acquisition"},"content":{"rendered":"<div>\n<div id=\"remove_no_follow\">\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<section class=\"wp-block-bigbite-multi-title\">\n<div class=\"container\"><\/div>\n<\/section>\n<p>CrowdStrike has agreed to acquire Israel-based Seraphic Security, a browser runtime security company, to extend its Falcon platform to browser-native enterprise security.<\/p>\n<p>Expected to close by April, the acquisition will allow CrowdStrike to integrate Seraphic\u2019s browser-native protection with its Falcon endpoint telemetry and threat intelligence capabilities. The move comes just days after CrowdStrike announced plans to <a href=\"https:\/\/www.csoonline.com\/article\/4114957\/crowdstrike-to-acquire-sgnl-for-740m-expanding-real-time-identity-security.html\" target=\"_blank\">acquire<\/a> SGNL, a continuous identity authorization company.<\/p>\n<h2 class=\"wp-block-heading\" id=\"browser-as-attack-surface\">Browser as attack surface<\/h2>\n<p>With web browsers increasingly serving as the primary interface for enterprise work, communication, SaaS applications, and AI tools, they are emerging as one of the most exposed layers in corporate IT environments.<\/p>\n<p>\u201cTraditional endpoint controls like EDR focus on the OS level and miss in-session browser activity, while network tools like firewalls can\u2019t inspect HTTPS-encrypted sessions or user actions within apps. They lack visibility into browser telemetry, shadow IT, malicious extensions, and data flows, leaving gaps that attackers exploit via phishing, session hijacking, and zero-days,\u201d said <a href=\"https:\/\/ankura.com\/experts-and-advisors\/amit-jaju\" target=\"_blank\" rel=\"noreferrer noopener\">Amit Jaju<\/a>, global partner\/senior managing director \u2013 India at Ankura Consulting. He added that web browsers pose risks even in controlled environments because they inherently process untrusted internet code, enabling zero-day exploits, malicious extensions acting as supply chain attacks, and credential theft that bypasses perimeter defenses.<\/p>\n<p>CrowdStrike <a href=\"https:\/\/ir.crowdstrike.com\/news-releases\/news-release-details\/crowdstrike-acquire-seraphic-turning-any-browser-secure\" target=\"_blank\" rel=\"noreferrer noopener\">said<\/a> the Seraphic acquisition will allow it to extend the Falcon platform deeper into in-browser activity.\u00a0 With Seraphic, the company aims to transform the SOC by correlating trillions of endpoint signals with deep, in-session browser telemetry. This will allow the Falcon platform to understand user intent, application context, and data flow in real time.<\/p>\n<p>\u201cSeraphic\u2019s true USP lies in its ability to make the browser session itself a governable security surface, rather than treating the browser as a passive extension of the endpoint,\u201d said <a href=\"https:\/\/greyhoundresearch.com\/svg\/\">Sanchit Vir Gogia<\/a>, chief analyst at Greyhound Research. \u201cMost enterprise security stacks stop at device health and identity validation. They confirm who logged in and from what device, but they lose visibility once the user begins interacting inside SaaS applications. Seraphic addresses this by enforcing policy inside the live browser session, covering user actions, session behaviour, and data movement that never touches disk and never triggers network anomalies. When integrated into CrowdStrike Falcon, it moves from detecting threats around user activity to governing behaviour during it.\u201d<\/p>\n<h2 class=\"wp-block-heading\" id=\"gen-ai-altering-browser-risk\">Gen AI altering browser risk<\/h2>\n<p>Generative AI has fundamentally altered the browser risk profile. Gogia noted that the browser is now a bidirectional data exchange, where employees routinely feed sensitive context into AI systems. Most of this activity happens outside formal enterprise governance. <\/p>\n<p>Copying internal data into AI prompts, uploading files for summarisation, or using AI-enhanced browser features has become one of the fastest-growing data leakage paths in organisations. As a result, browser-level enforcement is one of the few practical ways to address this without resorting to unrealistic bans.<\/p>\n<p>CrowdStrike will also integrate SGNL\u2019s continuous authorization technology, enabling permissions to be dynamically granted or revoked on a per-session and risk-level basis.<\/p>\n<p>The two solutions combined will create what the company described as a unified security fabric.<\/p>\n<p>The integration will be designed to secure how generative AI applications and agents are accessed, to prevent shadow AI tools from scraping or exfiltrating sensitive enterprise data. It will also aim to prevent the copying, uploading, or screen-grabbing of sensitive data using AI-based content filtering and granular execution-layer controls, stop session hijacking, sophisticated phishing, and man-in-the-browser attacks at the point of execution by randomizing the browser\u2019s JavaScript engine.<\/p>\n<p>In addition, CrowdStrike will extend protection to unmanaged and BYOD devices by securing the browser session without requiring a full endpoint agent.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>CrowdStrike has agreed to acquire Israel-based Seraphic Security, a browser runtime security company, to extend its Falcon platform to browser-native enterprise security. Expected to close by April, the acquisition will allow CrowdStrike to integrate Seraphic\u2019s browser-native protection with its Falcon endpoint telemetry and threat intelligence capabilities. The move comes just days after CrowdStrike announced plans to acquire SGNL, a continuous identity authorization company. Browser as&#8230; <\/p>\n<p class=\"more\"><a class=\"more-link\" href=\"https:\/\/newestek.com\/?p=15470\">Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-15470","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15470","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15470"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/15470\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15470"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15470"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15470"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}