CrowdStrike has agreed to acquire identity security firm SGNL, aiming to expand its focus on identity protection.
The move comes in the context of organisations increasingly deploying artificial intelligence and non-human identities across cloud environments. The transaction, which remains subject to regulatory approval, is expected to close in CrowdStrike’s first quarter of fiscal year 2027.
Under the terms of the deal, the purchase price will be paid mainly in cash, with a part delivered in CrowdStrike shares that are subject to vesting conditions. Financial details were not disclosed.
The acquisition brings SGNL’s continuous identity and access enforcement capabilities into CrowdStrike’s Falcon platform. SGNL operates as an access control layer between identity providers and software-as-a-service and hyperscale cloud resources, allowing access to be granted or withdrawn based on changing risk conditions rather than static permissions.
Identity security pressures grow with AI adoption
CrowdStrike officials said the move reflects recent changes in enterprise computing, where AI agents and other non-human identities often hold elevated privileges and operate autonomously. In such environments, traditional access models based on standing privileges can leave organisations exposed if access rights are not reassessed as threats evolve.
Industry data cited by the company indicates that identity security is one of the fastest-growing areas of cybersecurity. Research from IDC estimates the market will expand from around USD 29 billion in 2025 to USD 56 billion by 2029, driven in part by the growth of cloud services and automated workloads.
By integrating SGNL, CrowdStrike plans to extend its identity security coverage beyond on-premise directories to cloud identity systems and SaaS platforms. The combined offering is intended to support just-in-time access, continuous risk evaluation, and automated revocation of privileges across hybrid IT environments.
SGNL representatives said the company was established to address the risks created by long-lived access permissions and that joining CrowdStrike would allow its technology to be deployed at a wider scale. CrowdStrike, meanwhile, positions the deal as part of a general strategy to consolidate endpoint, cloud, and identity security within a single platform.
