CrowdStrike Holdings, Inc. (CRWD) is making a move to shore up identity security vulnerabilities that legacy systems weren't built to handle. The cybersecurity company announced Thursday it will acquire SGNL, a specialist in next-generation identity protection, in a deal structured primarily as cash with some stock included. Financial terms weren't disclosed.

The acquisition addresses a growing problem: traditional access control systems rely on static privileges that can't keep pace with the dynamic threats posed by AI agents operating in cloud and SaaS environments. CrowdStrike argues these standing privileges create exploitable gaps that modern security architectures need to eliminate.

Real-Time Authorization at Scale

SGNL's technology will enable CrowdStrike to grant and revoke privileges dynamically based on continuous risk signals flowing through its Falcon platform. The system correlates identity, device, and threat data across endpoints, cloud infrastructure, and SaaS applications to make adaptive authorization decisions in real time.

CrowdStrike CEO George Kurtz explained that SGNL will help close security gaps that legacy models leave exposed as AI agents gain deeper access to enterprise systems. SGNL co-founder and CEO Scott Kriz noted that outdated privilege models create unnecessary risk, and partnering with CrowdStrike's scale offers an opportunity to transform enterprise security architecture.

The market wasn't particularly enthusiastic about the news. CrowdStrike shares dropped 3.28% to $463.18 on Thursday following the announcement.