IT Brief Asia - Technology news for CIOs & IT decision-makers
Asia

Guides

#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things

Search

Laptop with secure browser windows and locks cybersecurity scene
#
Endpoint Protection
#
PAM
#
Cloud Security

CrowdStrike to buy Seraphic to secure browser sessions

Wed, 14th Jan 2026
Author image
By Joseph Gabriel Lagonsin, News Editor

CrowdStrike has agreed to acquire Seraphic Security in a move that extends its security platform into the web browser.

The deal follows CrowdStrike's plan to acquire SGNL, which it announced last week. CrowdStrike said it intends to combine Seraphic's in-session browser protection with SGNL's identity technology.

CrowdStrike said the browser has become the place where employees access applications and communicate. It also said it has become a key point of execution for AI agents.

The company positions the combination as part of a "Next-Gen Identity Security strategy". It said it expects the approach to cover activity across endpoints, browser sessions and cloud services.

Browser focus

CrowdStrike described the browser as a major security gap for many organisations. It said most of the workday happens in the browser. It said current approaches often steer staff into managed enterprise browsers or route traffic across networks in ways that create delays.

Seraphic focuses on what it calls browser runtime security. CrowdStrike said Seraphic enforces security in the browser runtime across Chrome, Edge, Safari and Firefox. CrowdStrike also referenced "agentic browsers" and said the approach applies to both managed and unmanaged devices.

CrowdStrike said it plans to integrate Seraphic's browser-native protection with telemetry and threat intelligence from its Falcon platform. It also said it plans to combine that with SGNL's continuous authorisation technology.

The company said the combined approach will link endpoint signals and browser telemetry. It said this will extend visibility into what happens during a browser session.

Identity approach

CrowdStrike said it expects the integration to change how access decisions get made during a session. It said SGNL's technology supports continuous authorisation. It said permissions can change per session and per risk signal.

The company said it expects access to be revoked when risk changes. It said this reduces reliance on static permissions.

Product scope

CrowdStrike listed several areas it expects to address once Seraphic becomes part of Falcon. It said the browser layer plays a role in enterprise use of generative AI. It said it aims to secure access to GenAI applications and agents. It said it aims to prevent "shadow AI" activity that can scrape or move sensitive corporate data.

It also referenced "In-Session Zero Trust Enforcement". It said this means checks that persist beyond login. It said policies can follow users across tabs.

Another area in the announcement focused on web data loss prevention. CrowdStrike said it expects controls that prevent copying, uploading or screen-grabbing of sensitive data. It said the approach uses AI-based content filtering and execution-layer controls.

CrowdStrike also described a set of threats that happen within a session. It cited session hijacking, phishing and man-in-the-browser attacks. It said Seraphic counters this by "randomizing the browser's JavaScript engine".

The company also highlighted use cases involving contractors and third parties. It said the browser session can be secured without a full endpoint agent. It described this as "agentless-style" protection for unmanaged and BYOD environments.

Executive comments

CrowdStrike said it expects the acquisition to allow customers to use their preferred browser while applying security controls during the session.

"Productivity requires flexibility and security; users want to work in their browser of choice. Seraphic delivers exactly that," said George Kurtz, CEO and Founder, CrowdStrike.

"By decoupling security from the browser itself, we can turn any browser into a secure enterprise browser, without forcing change or slowing productivity. With our vast endpoint signals combined with Seraphic's in-session visibility and SGNL's dynamic authorization, we are defining the future of Zero Standing Privilege for the modern agentic workforce," said Kurtz.

Seraphic framed the deal around shifting security controls to where work gets executed. "The browser is where modern work happens," said Ilan Yeshua, CEO and Co-Founder, Seraphic.

"In joining CrowdStrike, we are bringing platform-level protection to the most important execution layer in the enterprise, ensuring that zero trust is a continuous reality, not just a gateway check," said Yeshua.

Deal terms

CrowdStrike said the purchase price will be paid predominantly in cash. It also said part of the consideration will come in stock, subject to vesting conditions.

CrowdStrike said it expects the acquisition to close during its first quarter of fiscal 2027, subject to customary closing conditions.

Related stories
ExLabs picks SpacePilot to steer autonomous Apophis bid
BriefCatch buys WordRake tech to expand legal editing
Aurasell unveils AI-native GTM OS overlay for CRMs
UK CIOs struggle to govern surge in business AI agents
AI romance scams surge on UK dating apps, says study

Top stories

Bitget unveils GracyAI avatar to guide crypto users
Budget 2026 to drive AI adoption & skills in Singapore
Xiid & Cytex link AI governance with zero trust access
Brinqa brings exposure management platform to Google Cloud
Human skills top workplace learning priorities for 2026