5 Big Things To Know On CrowdStrike’s Latest Acquisitions

The company’s acquisition deals totaling $1.16 billion for identity security startup SGNL and browser security firm Seraphic were coordinated, as a way to comprehensively boost security around user access, CrowdStrike Chief Business Officer Daniel Bernard tells CRN.

The pair of acquisition deals announced by CrowdStrike over the course of a week—totaling $1.16 billion—is part of a coordinated strategy by the cybersecurity giant to comprehensively boost security around user and agentic access on its Falcon platform, according to CrowdStrike Chief Business Officer Daniel Bernard.

In an interview with CRN, Bernard discussed the Jan. 8 acquisition deal for identity security startup SGNL and the Jan. 13 acquisition deal for browser security technology startup Seraphic.

The company said the $740 million deal for SGNL and the $420 million deal for Seraphic will both be “predominantly” paid in cash. Both deals are expected to be completed during the first quarter of CrowdStrike’s fiscal year, which closes April 30.

What follows are five big things to know about CrowdStrike’s latest acquisitions.

Not Isolated Deals

CrowdStrike’s back-to-back agreements to acquire SGNL and Seraphic were coordinated, given the cohesion around securing user access that the two startups will provide once integrated onto the Falcon platform, according to CrowdStrike.

The capabilities offered by SGNL and Seraphic “go together,” Bernard said. “There’s a strategy.”

With the technologies from the two startups combined with existing capabilities on the Falcon platform, CrowdStrike will be able to provide a unified set of tools to improve access security—something that will be increasingly critical as adoption of AI agents ramps up, according to Bernard.

Identity and access for agents have been pinpointed as one of the biggest risks of the new technology, given the threat that could be posed by an agent that does not have appropriate permissions and access controls.

Reimagining Zero Trust

Ultimately, once the deals are completed, CrowdStrike will be looking to bring the startups’ capabilities together to “reimagine zero trust in this new world,” Bernard said.

“The problem space of SGNL is, who is the user—human and non-human—and what do they have access to? And the problem space of Seraphic is, how are they accessing everything?” he said.

“Putting these things together, I think, lays out a very clear vision to the market and to our partners,” Bernard said.

SGNL Brings ‘Continuous’ Identity Security

Founded in 2021, SGNL provides a runtime access enforcement functionality that connects identity providers with SaaS and hyperscale infrastructure. The startup’s capabilities provide “continuous” identity security for human users as well as non-human identities and AI identities, ultimately allowing SGNL to serve as the “new motherboard for identity,” Bernard said.

Key capabilities from SGNL include enabling access for users and agents to be continuously granted, or removed, in real time based on risk, he said.

“What SGNL represents is a next-gen approach to identity,” Bernard said. “Really what that means is establishing continuous identity, dynamically granting privilege and access and being able to revoke that—so you can actually live in a world of zero standing privileges.”

Seraphic Can Secure ‘Any Browser’

Founded in 2020, Seraphic offers secure enterprise browser technologies delivered via a simplified architecture and reduced cost, according to CrowdStrike.

Seraphic’s capabilities—including secure web gateway, zero-trust network access and cloud access security browser—also can provide secure access to SaaS-based and private web applications, the startup has said.

Such capabilities are crucial, given that for many organizations, the browser has “become the new front door of the enterprise,” Bernard said.

Previous approaches have often involved forcing employees to use a specific enterprise browser with built-in security, or deploying a browser plugin, he noted.

Seraphic, on the other hand, specializes in “wrapping the browser” with its security capabilities, Bernard said. “So you can use any browser you want, and turn any browser into a secure browser.”

Platform Strategy

Ultimately, the pair of newly announced acquisitions serve to reinforce CrowdStrike’s platform- and partner-focused strategy, Bernard said.

As with other capabilities offered by CrowdStrike, the technologies from SGNL and Seraphic will be tightly integrated onto the Falcon platform and designed to work best together, he said.

“I think what it drives is the consolidation that customers are looking for in their stacks,” Bernard said. “That’s the consolidation and the focus that we’re also seeing reflected in partners.”

The deals also bring CrowdStrike to a total of four acquisitions announced since August. That month, CrowdStrike disclosed it had reached a $290 million deal to acquire a startup that provides data pipeline management, Onum.

Then in September, CrowdStrike announced a $260 million agreement to acquire Pangea, a startup that offers guardrails for GenAI-powered applications.