Inside CrowdStrike's US$420m Seraphic Acquisition

Cybersecurity giant CrowdStrike is on a quest to be a definitive leader in cyberspace.

Having recently acquired Continuous Identity startup SGNL, CrowdStrike has now signed a definitive agreement to acquire Seraphic Security.

CrowdStrike’s acquisition of Seraphic for approximately US$420m signals an effort to push Falcon’s threat hunting capabilities to the edge and is expected to go through in the first quarter of 2027.  

By acquiring Serpahic Security, a leading browser runtime security startup, the CrowdStrike Falcon platform will now be able to keep out threat actors from the browser.

This is something George Kurtz, CEO and Founder of CrowdStrike, calls the “new front door of the enterprise”.

“It’s where your team spends 85% of their day and where AI agents now operate, yet for most, it remains a massive cybersecurity blind spot,” George says.

“By decoupling security from the browser itself, we can turn any browser into a secure enterprise browser, without forcing change or slowing productivity. 

“With our vast endpoint signals combined with Seraphic’s in-session visibility and SGNL’s dynamic authorisation, we are defining the future of Zero Standing Privilege for the modern agentic workforce.”

Browser-native security: securing the new front-door of the enterprise

The current security models force users into what they call a ‘walled garden’ – enterprise browsers with severe access restrictions.

Another age-old security method includes routing traffic through centralised security firewalls, web gateways and VPNs that drastically increase latency which then slows down work. 

Enter Seraphic’s browser-native strategy.

It enforces security directly within the browser, overcoming the access problem and rooting out lag. 

Seraphic can secure your everyday favourite tool be it Chrome, Edge, Safari, Firefox or agentic browsers on both managed and unmanaged devices.

Seraphic’s next generation Web Data Loss Prevention (DLP) prevents threat actors from copying, uploading or screen grabbing sensitive data using AI-based filtering. 

The combined Seraphic-Falcon platform can stop session hijacking, sophisticated phishing and man-in-the-browser attacks through ingenious randomisation of the browser’s JavaScript Engine. 

Zero-trust enforcement for agentic AI security 

Securing browsers is particularly crucial in the AI age where Gen AI applications and agents regularly access the browser.

Integrating Seraphic into the Falcon platform allows CrowdStrike to move beyond the login screen and follow the user through every tab.

Dynamic continuous identity verification implements a zero-trust identity policy. 

This also allows the Seraphic-powered Falcon platform to prevent shadow AI from scraping sensitive corporate data. 

“The browser is where modern work happens,” says Ilan Yeshua, CEO and Co-Founder of Seraphic. 

“In joining CrowdStrike, we are bringing platform-level protection to the most important execution layer in the enterprise, ensuring that zero trust is a continuous reality, not just a gateway check.”