CrowdStrike has announced its latest move in cybersecurity by acquiring Seraphic Security. With workspaces increasingly migrating online, the browser has emerged as a hub for professional activities, hosting modern applications and AI operations.
The integration of Seraphic's browser-native protection into CrowdStrike's Falcon platform aims to extend security coverage at the browser layer. Combined with SGNL’s continuous authorisation technology, it aims to provide a unified identity security framework spanning endpoints and cloud interactions.
George Kurtz, CEO and founder of CrowdStrike, highlighted the synergy between productivity and security: "With SGNL, CrowdStrike will deliver continuous, real-time access control that eliminates the known and unknown gaps from legacy standing privileges." He further highlights the benefit of decoupling security from the browser, enhancing enterprise adaptability without compromising efficiency.
Traditional models remain restrictive, either corralling users within "walled garden" enterprise systems or resorting to cumbersome network solutions. Seraphic aims to embed security measures directly within any browser to combat this– from Chrome to Firefox, on both managed and unmanaged devices.
Harnessing Seraphic’s in-session telemetry, CrowdStrike's Falcon platform seeks to enhance Security Operations Centers (SOCs) by integrating endpoint signals to provide context-aware security measures. Coupled with SGNL's continuous authorisation technique, this approach seeks to enable adaptive access permissions, offering dynamic, real-time security adjustments and mitigating threats proactively.
Intended Benefits for AI-Era Enterprises
- Protecting Enterprise AI: By securing how generative AI applications and agents are accessed, shadow AI threats are addressed effectively.
- In-Session Zero Trust Enforcement: Continuous identity verification extends beyond login limitations, allowing for stringent security across all browsing activities.
- Next-Gen Web DLP: AI-driven content filtering prevents unauthorised data sharing, offering granular controls over sensitive information flows.
- Disrupting Session Threats: Tactics such as session hijacking and sophisticated phishing are neutralised by manipulating the JavaScript engine.
- Security for Unmanaged and BYOD: Contractors and third-party entities receive agentless protection, securing browser sessions without the need for endpoint installations.
Ilan Yeshua, CEO and co-founder of Seraphic, emphasised the importance of browser-level security. Now part of CrowdStrike, Seraphic aims to deliver zero-trust protection, ensuring defence mechanisms within enterprise infrastructures.
