CrowdStrike has signed a definitive agreement to acquire Seraphic Security, a move that aims to turn any web browser into a secure, enterprise-grade workspace without disrupting user choice or productivity. The acquisition extends CrowdStrike’s Falcon® platform directly into the browser, increasingly the primary environment where work, collaboration and AI agents operate.
As browsers have become the execution layer for modern applications and generative AI tools, they have also emerged as a major security blind spot. CrowdStrike notes that employees now spend up to 85% of their workday in the browser, yet most security controls still stop at the endpoint or network perimeter. By integrating Seraphic’s browser runtime protection with Falcon’s endpoint telemetry and threat intelligence, alongside SGNL’s continuous authorisation capabilities, CrowdStrike plans to deliver a unified next-generation identity and access security model.
George Kurtz, CEO and founder of CrowdStrike, said organisations face a growing tension between flexibility and security. “Users want to work in the browser of their choice,” he said. “Seraphic allows us to decouple security from the browser itself, so any browser can become a secure enterprise browser without forcing change or slowing productivity. By combining Falcon’s endpoint signals, Seraphic’s in-session visibility and SGNL’s dynamic authorisation, we are defining the future of Zero Standing Privilege for the modern, agentic workforce.”
Securing the enterprise’s new front door
Traditional approaches to browser security often rely on “walled garden” enterprise browsers or high-latency network routing, both of which can frustrate users and hinder adoption. Seraphic takes a different approach by enforcing security controls directly inside the browser runtime, whether Chrome, Edge, Safari, Firefox or emerging agentic browsers. Crucially, this protection applies across both managed and unmanaged devices, addressing a long-standing gap around contractors and bring-your-own-device (BYOD) environments.
Once integrated into the Falcon platform, Seraphic will enable CrowdStrike to correlate trillions of endpoint signals with deep, real-time browser telemetry. This allows security teams to understand user intent, application behaviour and data flows at the moment they occur. When combined with SGNL’s continuous authorisation, access decisions are no longer static; privileges can be granted and revoked dynamically on a per-session basis as risk conditions change.
Designed for the AI and agentic era
CrowdStrike positions the acquisition as a response to the rapid rise of AI-driven work. By securing the browser layer, organisations can better protect enterprise AI usage, prevent shadow AI tools from scraping sensitive data, and enforce Zero Trust policies beyond the login screen. The combined capabilities are expected to support next-generation web data loss prevention (DLP), disrupt session hijacking and man-in-the-browser attacks, and introduce fine-grained controls that persist across every browser tab.
Ilan Yeshua, CEO and co-founder of Seraphic, said the partnership reflects how work itself has evolved. “The browser is where modern work happens,” he said. “By joining CrowdStrike, we’re bringing platform-level protection to the most important execution layer in the enterprise, making zero trust a continuous reality rather than a one-time gateway check.”
With this acquisition, CrowdStrike is signalling a broader shift in enterprise security architecture—from perimeter-based controls to continuous, identity-driven protection that spans endpoints, browsers and cloud services. As AI agents and human users increasingly share the same digital workspace, securing the browser may prove central to defending the modern enterprise.