Agentic AI,
Artificial Intelligence & Machine Learning,
Identity & Access Management
$740M SGNL Acquisition Enhances Dynamic Identity Management for Human and AI Agents
CrowdStrike, a leading platform security company based in Austin, Texas, is set to acquire SGNL, a startup specializing in continuous identity management led by former Google product manager Scott Kriz. This acquisition, valued at $740 million, aims to enhance real-time, AI-driven access orchestration capabilities.
CrowdStrike’s Chief Business Officer, Daniel Bernard, emphasized the importance of SGNL’s innovative approach to continuous and real-time access control in an era increasingly influenced by AI and machine identities. He noted that SGNL’s unique ability to dynamically manage access for AI agents based on real-time intelligence is unparalleled in the current market.
Bernard described SGNL’s approach as revolutionary, shifting from static permission systems to a model where access is granted or revoked based on current context and threat intelligence. “This concept of continuous and real-time access management was not previously utilized by others,” he stated, reflecting on the implications for security and customer trust.
Founded in 2021, SGNL has grown to 59 employees and secured $42 million in funding, with its latest investment round raising $30 million in February 2025. The company has developed a distinctive identity model known as Zero Standing Privilege (ZSP), where access is not assumed based on job roles but granted solely based on immediate business needs.
Bernard addressed the inadequacies of traditional identity systems, which often operate under the assumption that users require constant access based on their job title or group. By utilizing SGNL’s ZSP framework, organizations can significantly reduce security risks and curb unauthorized access, allowing for autonomous revocation of privileges within milliseconds if threats are detected.
In the shifting landscape of identity management, it is critical that systems evolve to accommodate not just human actors but also machine identities, which require rapid provisioning and centralized control. The need for this flexibility is further highlighted as businesses adapt to increasing dependency on AI agents, which often complete tasks in mere seconds.
Bernard contrasted CrowdStrike’s forward-thinking, AI-first strategy with competitors that rely on retrofitting older technologies for contemporary challenges. He noted that the integration of SGNL into CrowdStrike’s cloud-native architecture enhances their comprehensive security approach, distinguishing them from companies that struggle with the complexities and inefficiencies of legacy systems.
Employing frameworks like the MITRE ATT&CK Matrix, organizations can analyze potential attack tactics utilized during such acquisitions. Techniques such as initial access, privilege escalation, and maintaining persistence may play a role in navigating the complex identity landscape. CrowdStrike’s commitment to a single-platform solution aims to simplify and fortify the identity management process against evolving cyber threats.
