Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I’m delighted to announce CrowdStrike’s intent to acquire Seraphic, the leader in browser runtime security. With this acquisition, we will extend the power of the CrowdStrike Falcon platform into the browser to enforce security within sessions across any browser, on any device. The browser is already the operating system of the enterprise workforce, connecting apps, data, and identity.

As AI agents become increasingly prevalent across business environments, their security is a pressing concern. Among the insidious threats facing AI agents is tool poisoning, a type of attack that exploits the way AI agents interpret and use tool descriptions to guide their reasoning. In this blog, we explain how AI tool poisoning works, the different forms it can take, and how organizations can strengthen their defenses against this type of attack.

I’m excited to announce CrowdStrike’s agreement to acquire SGNL, a leader in identity-first security. This acquisition will extend CrowdStrike Falcon Next-Gen Identity Security to deliver continuous, context-aware authorization for human, non-human, and AI agent identities across SaaS and hyperscaler cloud environments. As risk conditions and threats change, access to applications, data, and AI agents should change with them.

At Fal.Con 2025, CrowdStrike introduced Threat AI, an agentic threat intelligence system of autonomous agents that reason across data, hunt for threats, and take action. As part of our vision for the agentic SOC, these AI-powered agents automate complex intelligence workflows so defenders can keep up with AI-powered adversaries while staying in control of every decision.

Today’s security teams need AI models that can reason over massive telemetry and support autonomous actions. At CrowdStrike, we're working closely with NVIDIA to operationalize NVIDIA Nemotron open models1, building on our existing integration of Nemotron on Amazon Bedrock within the CrowdStrike Falcon platform. This collaboration enables us to rigorously test and adapt large language models (LLMs) for security-specific workloads while maintaining production-grade performance and security.

As IT environments grow more complex and adversaries move faster, security and IT teams need a reliable way to enforce configurations, maintain application health, and resolve issues at scale without writing or maintaining custom scripts. CrowdStrike Falcon for IT already gives operators powerful tools to query endpoints, run remediation, and enforce baseline configurations.

Large language models (LLMs) have revolutionized artificial intelligence and are rapidly transforming the cybersecurity landscape. As these powerful models become commonly used among both attackers and defenders, developing specialized cybersecurity LLMs has become a strategic imperative. The CrowdStrike 2025 Global Threat Report highlights a concerning trend: Threat actors are increasingly enhancing social engineering and computer network operations campaigns with LLM capabilities.

Security teams are at a critical inflection point. AI-enabled adversaries now operate at machine speed, automating phases of the kill chain and scaling attacks faster than human-only workflows can respond. Yet most SOCs still depend on manual triage and investigation processes that cannot keep pace.