CrowdStrike Acquires XM Cyber IP And Expands European Sovereign Cloud Partnership With Schwarz Digits

By Amit Chowdhry • Yesterday at 7:06 PM

CrowdStrike and Schwarz Digits, the digital and IT division of Schwarz Group, the German retail conglomerate behind Lidl and Kaufland, have announced an expansion of their strategic partnership, including CrowdStrike’s acquisition of the intellectual property of XM Cyber, a Schwarz Digits company specializing in attack path visualization and offensive simulation. The IP acquisition includes more than 45 patents and proprietary source code. CrowdStrike will not acquire XM Cyber’s revenue or customers; XM Cyber will continue operating as a standalone business under an IP license from CrowdStrike. The transaction is expected to close in the second half of CrowdStrike’s fiscal year 2027, subject to regulatory approvals and customary closing conditions.

XM Cyber, recognized as a 2025 Gartner Magic Quadrant Challenger for Exposure Assessment Platforms, built its business around proactive security — mapping the attack paths adversaries could use to move through a network and identifying which exposures are most likely to be exploited in practice. That capability will be integrated into CrowdStrike’s Falcon Exposure Management product, which combines continuous attack surface visibility with exploitability-driven prioritization and response. Existing XM Cyber customers will have a pathway to migrate to the Falcon platform through Falcon Flex, CrowdStrike’s flexible licensing program.

The broader partnership expansion centers on delivering the Falcon platform on STACKIT, Schwarz Digits’ sovereign cloud infrastructure operated within the European Union. A phased roadmap will make the Falcon platform available to European enterprises through STACKIT, addressing growing demand for security solutions that meet EU data sovereignty requirements alongside the elevated compliance bar set by the EU Cyber Resilience Act and NIS2 directive. Schwarz Digits has itself adopted the Falcon platform internally as part of the expanded agreement.

The sovereign cloud dimension is increasingly important in European enterprise security purchasing: organizations subject to EU regulations governing critical infrastructure face pressure to keep data and security operations within EU-controlled environments, which has created demand for cybersecurity vendors capable of delivering their platforms on sovereign infrastructure rather than U.S.-operated hyperscaler cloud services.

KEY QUOTES:

“Organizations globally are increasingly prioritizing sovereignty without wanting to compromise on cybersecurity outcomes. This partnership accelerates our ability to deliver the Falcon platform on STACKIT’s sovereign cloud environment in Europe, and the acquisition furthers our exposure management business. Customers are moving beyond point products for platforms to secure their AI adoption journeys.”

George Kurtz, Chief Executive Officer and Founder, CrowdStrike

“European organizations should not have to compromise on cybersecurity for sovereignty. By making the Falcon platform a core pillar of our cybersecurity strategy and providing a long-term roadmap to host it on STACKIT, we are paving the way for enterprises to systematically adopt AI-native protection. Combining our large-scale infrastructure experience and reach with the industry’s leading security platform, we are uniquely positioned to advance European digital independence.”

Christian Müller, Chief Executive Officer, Schwarz Digits