CrowdStrike announced Continuous Identity for AI Agents, a new CrowdStrike Falcon® Next-Gen Identity Security capability that reinforces the CrowdStrike Falcon® platform as the identity security control plane for the agentic enterprise.
As AI agents operate with superhuman speed and access, legacy models built on static policies and standing privileges break down – granting access without context, blind to real-time risk. CrowdStrike delivers a fundamentally different model: every agent action continuously authorized in real time based on who owns the agent, who is calling it, and the risk posture of their device – evaluated against native and third-party risk signals on the Falcon platform.
“AI agents are transforming how work gets done, and how identities must be secured,” said Elia Zaitsev, Chief Technology Officer, CrowdStrike. “Point-in-time authorization becomes a legacy approach the second agents are given autonomy. Authorize once and trust indefinitely is not a security model; it’s a liability. That’s the shift CrowdStrike is driving, from static, one-time access decisions to Continuous Identity.”
Securing AI Agent Identities
AI agents invoke tools, access sensitive data, call APIs, and delegate to sub-agents at machine speed with system-level privilege. Legacy access models were never built to control this. Continuous Identity for AI Agents – powered by technology from CrowdStrike’s recent acquisition of SGNL – dynamically grants, denies, and revokes access based on real-time risk, eliminating standing privileges entirely.
- Verifiable Agent Identity: Every agent is assigned a cryptographically verifiable identity based on the SPIFFE standard, an open standard that replaces static credentials like API keys with automated, secure workload identities.
- Context-Aware Authorization: Access is evaluated based on who owns the agent, who is calling it, and the risk posture of their device. When an agent delegates to a sub-agent, that context is preserved throughout the chain.
- Zero Standing Privilege: Access is granted the moment it’s needed and revoked the moment it’s not.
- Defense in Depth: Continuous Identity ensures agents operate with only the privileges they need. Falcon® AI Detection and Response (AIDR) continuously inspects prompts and intent to detect permission misuse or attempts to manipulate an LLM beyond its authorized scope, triggering Continuous Identity to revoke access before damage is done.
Continuous Identity for AI Agents extends CrowdStrike’s risk-aware authorization across every identity – human, non-human, and AI agent – from initial access to privilege escalation and lateral movement spanning on-prem, SaaS, browser, and cloud environments.
To learn more about how CrowdStrike is transforming identity security for the agentic era, read our blog and visit here.
Forward-Looking Statements
This press release may include discussion of unreleased services or features. Any unreleased services or features referenced here are still in development and subject to change. Customers should make their purchase decisions based upon features that are currently available.
