CrowdStrike launches Continuous Identity for AI Agents with real-time authorization

CrowdStrike Launches Continuous Identity Solution to Police AI Agents | PYMNTS.com

The new Continuous Identity for AI agents, which joins the CrowdStrike Falcon Platform, authorizes every agent action based on who owns it, who is calling it, and real-time risk, the company said in a Monday (June 15) press release. "Authorize once and trust indefinitely is not a security model; it's a liability," CrowdStrike Chief Technology Officer Elia Zaitsev said in the release. "That's the shift CrowdStrike is driving, from static, one-time access decisions to Continuous Identity." Continuous Identity for AI Agents provides verifiable agent identity in which every agent is assigned an automated, secure workload identity; context-aware authorization that evaluates access based on who owns the agent, who is calling it and the risk posture of their device; zero standing privilege that grants access when it's needed and revokes it when it's not; and defense in depth that ensures agents operate with only the privileges they need, according to the release. This new offering is powered by technology CrowdStrike gained with its acquisition of SGNL, according to the release. When announcing the acquisition in a January press release, CrowdStrike said the move would redefine privilege and access for all users. CrowdStrike said in a Monday blog post that while identity security has long been built around authenticating a user, granting access and trusting that decision until their next login, this model doesn't work for AI models. "The speed of these agents, combined with the varying privileges of the humans using them, means a trust decision that was valid at login may no longer be valid moments later," the post said. "A compromised credential or change in business context can instantly alter risk. It's not enough to grant access once and assume trust persists." The PYMNTS Intelligence report "How Enterprises Can Build a 'Know Your Agent' Defense: Digital Identity Verification in the Age of Bots" found that the rise of agentic commerce is exposing weaknesses in traditional identity models. Nearly 90% of enterprises said bot management is now a major challenge, and outdated digital identity controls are costing businesses nearly $100 billion annually in fraud, false declines and lost customers, according to the report.

CrowdStrike launches continuous identity security for AI agents By Investing.com

AUSTIN, Texas & LAS VEGAS - CrowdStrike (NASDAQ:CRWD) announced today a new identity security capability designed to authorize AI agent actions in real time rather than through static access policies. The company introduced Continuous Identity for AI Agents as part of its Falcon Next-Gen Identity Security platform. The system authorizes each agent action based on the agent owner, the caller, and the device risk posture, according to a press release statement.The cybersecurity leader, valued at $176.76 billion, has seen its shares surge 45.66% year-to-date as investors bet on its AI security innovations. Revenue reached $5.09 billion with 23.17% growth in the last twelve months as of Q1 2027. The technology uses the SPIFFE standard to assign cryptographically verifiable identities to AI agents, replacing static credentials such as API keys. Access is granted when needed and revoked immediately after, eliminating what the company describes as standing privileges. "Point-in-time authorization becomes a legacy approach the second agents are given autonomy," said Elia Zaitsev, chief technology officer at CrowdStrike. "Authorize once and trust indefinitely is not a security model; it's a liability." The system evaluates access based on who owns the agent, who calls it, and device risk posture. When an agent delegates to a sub-agent, the authorization context carries through the chain. The capability incorporates technology from CrowdStrike's acquisition of SGNL. The Falcon AI Detection and Response component inspects prompts and intent to detect permission misuse or attempts to manipulate language models beyond authorized scope. CrowdStrike said the system extends risk-aware authorization across human, non-human, and AI agent identities in on-premises, software-as-a-service, browser, and cloud environments. The announcement was made at Identiverse 2026. The press release included forward-looking statements noting that unreleased services or features are subject to change and customers should base purchase decisions on currently available features.Despite the stock's strong momentum, InvestingPro analysis suggests the shares are currently overvalued relative to Fair Value estimates -- placing it among the most overvalued stocks tracked by the platform. Still, 27 analysts have revised earnings upwards, with the company expected to swing to profitability this year. For deeper insights, investors can access CrowdStrike's comprehensive Pro Research Report, available for this and 1,400+ other US equities on InvestingPro. In other recent news, CrowdStrike has been at the center of several significant developments. The cybersecurity company reported first-quarter fiscal 2027 results that exceeded expectations across multiple metrics, including revenue, operating income, and free cash flow. Despite a net new annual recurring revenue of $256 million falling below investor expectations, UBS maintained a Buy rating and raised its price target to $790, citing pipeline strength. Benchmark also increased its price target to $780, highlighting the demand driven by artificial intelligence. However, Berenberg downgraded CrowdStrike from buy to hold, raising concerns about valuation even as they increased the price target to $720. Meanwhile, Piper Sandler reiterated an Overweight rating with a $750 price target, focusing on the demand outlook from projects like Mythos and Project Glasswing. Additionally, the Seattle Sounders FC selected CrowdStrike to enhance cybersecurity operations ahead of the FIFA World Cup 2026. The soccer club will implement CrowdStrike Falcon Complete for managed detection and response services. These recent developments underscore CrowdStrike's strategic positioning and ongoing demand in the cybersecurity sector. This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.

CrowdStrike Unveils Continuous Identity For AI Agents

CrowdStrike announced Continuous Identity for AI Agents, a new CrowdStrike Falcon Next-Gen Identity Security capability that reinforces the CrowdStrike Falcon platform as the identity security control plane for the agentic enterprise. CrowdStrike delivers a fundamentally different model: every agent action continuously authorized in real time based on who owns the agent, who is calling it, and the risk posture of their device ? evaluated against native and third-party risk signals on the Falcon platform. Continuous Identity for AI Agents ? powered by technology from CrowdStrike's recent acquisition of SGNL ? dynamically grants, denies, and revokes access based on real-time risk, eliminating standing privileges entirely. Verifiable Agent Identity: Every agent is assigned a cryptographically verifiable identity based on the SPIFFE standard, an open standard that replaces static credentials like API keys with automated, secure workload identities. Context-Aware Authorization: Access is evaluated based on who owns the agent, who is calling it, and the risk posture of their device. When an agent delegates to a sub-agent, that context is preserved throughout the chain. Zero Standing Privilege: Access is granted the moment it?s needed and revoked the moment it?s not. Defense in Depth: Continuous Identity ensures agents operate with only the privileges they need. Falcon AI Detection and Response (AIDR) continuously inspects prompts and intent to detect permission misuse or attempts to manipulate an LLM beyond its authorized scope, triggering Continuous Identity to revoke access before damage is done. Continuous Identity for AI Agents extends CrowdStrike?s risk-aware authorization across every identity ? human, non-human, and AI agent ? from initial access to privilege escalation and lateral movement spanning on-prem, SaaS, browser, and cloud environments.