TL;DR
CrowdStrike announced a purchase of identity security startup SGNL in a deal reported at roughly $740 million, intended to add contextual, real-time authorization for human, machine, and AI agent identities to its Falcon platform. The acquisition reflects growing concern about identity-based attacks and the need to govern proliferating non-human identities.
What happened
CrowdStrike revealed plans to buy SGNL, a startup focused on context-aware authorization, in a transaction reported at about $740 million (the report also referenced a $750 million figure). CrowdStrike says the acquisition will expand identity capabilities within its Falcon cloud security offering to continuously assess identity risk and dynamically grant or revoke privileges for humans, machines and AI agents. SGNL was founded by Scott Kriz and Erik Gustavson in 2021 and had raised about $42 million from investors, including a $30 million round in February, according to PitchBook. Company leaders argue that while authentication is largely commoditized, authorization — deciding what an identity can do in context — remains unresolved. Analysts cited in the coverage called the move strategically sensible but costly, linked it to standards such as the OpenID Foundation’s Shared Signals Framework (SSF), and framed it as part of a broader industry push to make identity a primary control plane in security platforms.
Why it matters
- Identity-based attacks are rising and pose a major risk as both human and non-human identities proliferate.
- Real-time, context-aware authorization aims to limit privileges dynamically, addressing compromised tokens or sessions even after successful authentication.
- Integrating identity controls into a major security platform signals a shift toward placing authorization in the access path, not only detection.
- Standards like the Shared Signals Framework may enable cross-vendor sharing of risk signals to improve threat response and enforcement.
Key facts
- CrowdStrike announced a planned purchase of SGNL; the coverage cites a ~$740 million figure and also references a $750 million purchase price.
- SGNL was founded in 2021 by Scott Kriz and Erik Gustavson.
- PitchBook indicates SGNL had raised around $42 million in funding, including a $30 million round in February.
- CrowdStrike says SGNL technology will add context-aware authorization capabilities to its Falcon cloud security platform for human, machine, and AI agent identities.
- Analysts described the acquisition as strategically important for identity security but noted the price is high for an emerging startup.
- The OpenID Foundation’s Shared Signals Framework (SSF) is highlighted as relevant to SGNL’s approach to sharing dynamic risk signals.
- Microsoft reported identity-based attacks rose 32% in H1 2025; Cisco-owned Duo described an 'identity crisis' amid escalating login attacks, per the coverage.
- The report notes an industry trend of attackers targeting non-human identities (workloads, service accounts, certificates) that often hold high privileges.
- This is CrowdStrike’s second acquisition tied to AI security in about two years; the company announced plans to buy Pangea in September.
What to watch next
- Timeline for integrating SGNL’s authorization features into CrowdStrike Falcon: not confirmed in the source
- Whether the deal requires regulatory approval or faces other closing conditions: not confirmed in the source
- How customers respond to new identity controls and whether adoption of SSF-based signal sharing accelerates across vendors: not confirmed in the source
Quick glossary
- Authentication: The process of verifying the identity of a user or system, typically via credentials such as passwords, tokens, or certificates.
- Authorization: Determining what actions or resources an authenticated identity is allowed to access, often based on roles, policies, or contextual signals.
- Non-human identities: Machine-based accounts like service accounts, workloads, certificates, and AI agents that act on behalf of applications or processes.
- Shared Signals Framework (SSF): An OpenID Foundation standard designed to let security tools share risk signals in real time to support risk-based authentication and authorization.
- Zero standing privilege: A security principle that minimizes always-on privileges by granting access only for the time and scope required, often using dynamic controls.
Reader FAQ
How much is CrowdStrike paying for SGNL?
The coverage reports the deal at about $740 million and also references a $750 million purchase price.
What does SGNL specialize in?
SGNL focuses on context-aware, real-time authorization for human and non-human identities to manage privileges dynamically.
When was SGNL founded and who started it?
SGNL was founded in 2021 by Scott Kriz and Erik Gustavson.
When will the acquisition close?
not confirmed in the source
SECURITY 1 As agents run amok, CrowdStrike's $740M SGNL deal aims to help get a grip on identity security Authentication is basically solved. Authorization is another thing entirely… Jessica Lyons…
Sources
- As agents run amok, CrowdStrike's $740M SGNL deal aims to help get a grip on identity security
- CrowdStrike Acquires Security Startup SGNL For $740 …
- CrowdStrike to acquire SGNL to expand identity security for …
- CrowdStrike to Acquire SGNL to Transform Identity Security …
Related posts
- Texas court briefly bars Samsung from TV tracking, then vacates TRO
- Texas Supreme Court Drops ABA Oversight of Law Schools, First State to Act
- MAGA and Trump Officials Push an Alternate Account of ICE Shooting in Minneapolis