This post was originally published on this site.
CrowdStrike has added a new security control plane for artificial intelligence agents that provides continuous, risk-aware enforcement.
The new Continuous Identity for AI agents, which joins the CrowdStrike Falcon Platform, authorizes every agent action based on who owns it, who is calling it, and real-time risk, the company said in a Monday (June 15) press release.
“Authorize once and trust indefinitely is not a security model; it’s a liability,” CrowdStrike Chief Technology Officer Elia Zaitsev said in the release. “That’s the shift CrowdStrike is driving, from static, one-time access decisions to Continuous Identity.”
Continuous Identity for AI Agents provides verifiable agent identity in which every agent is assigned an automated, secure workload identity; context-aware authorization that evaluates access based on who owns the agent, who is calling it and the risk posture of their device; zero standing privilege that grants access when it’s needed and revokes it when it’s not; and defense in depth that ensures agents operate with only the privileges they need, according to the release.
This new offering is powered by technology CrowdStrike gained with its acquisition of SGNL, according to the release. When announcing the acquisition in a January press release, CrowdStrike said the move would redefine privilege and access for all users.
CrowdStrike said in a Monday blog post that while identity security has long been built around authenticating a user, granting access and trusting that decision until their next login, this model doesn’t work for AI models.
Advertisement: Scroll to Continue
“The speed of these agents, combined with the varying privileges of the humans using them, means a trust decision that was valid at login may no longer be valid moments later,” the post said. “A compromised credential or change in business context can instantly alter risk. It’s not enough to grant access once and assume trust persists.”
The PYMNTS Intelligence report “How Enterprises Can Build a ‘Know Your Agent’ Defense: Digital Identity Verification in the Age of Bots” found that the rise of agentic commerce is exposing weaknesses in traditional identity models.
Nearly 90% of enterprises said bot management is now a major challenge, and outdated digital identity controls are costing businesses nearly $100 billion annually in fraud, false declines and lost customers, according to the report.
