CrowdStrike announced the launch of Continuous Identity for AI Agents, a new capability within CrowdStrike Falcon Next-Gen Identity Security designed to help enterprises secure autonomous AI agents as they interact with tools, data, APIs, and other systems.
The capability reinforces the CrowdStrike Falcon platform as an identity security control plane for what the company describes as the agentic enterprise. As organizations increasingly deploy AI agents that can act independently and at high speed, CrowdStrike said traditional identity models based on static policies and standing privileges are becoming insufficient.
Continuous Identity for AI Agents is designed to authorize every agent action in real time based on multiple layers of context. This includes who owns the agent, who is calling the agent, and the current risk posture of the device involved. The system evaluates these factors using native and third-party risk signals across the Falcon platform.
CrowdStrike said the new capability moves enterprises away from point-in-time authorization and toward continuous, risk-aware enforcement. Rather than granting broad access that remains in place indefinitely, Continuous Identity dynamically grants, denies, and revokes access as conditions change.
The technology is powered in part by CrowdStrike’s recent acquisition of SGNL. The capability is intended to eliminate standing privileges by giving AI agents access only when needed and revoking that access when it is no longer required.
A key component of the offering is verifiable agent identity. Each agent is assigned a cryptographically verifiable identity based on the SPIFFE standard, an open standard for workload identity. CrowdStrike said this approach replaces static credentials such as API keys with automated and secure workload identities.
The capability also supports context-aware authorization. Access decisions are based on the agent owner, the caller, and the device risk posture. When an AI agent delegates work to a sub-agent, the authorization context is preserved throughout the chain.
CrowdStrike said Continuous Identity for AI Agents also adds a defense-in-depth layer when used with Falcon AI Detection and Response. Falcon AIDR continuously inspects prompts and intent to identify permission misuse or attempts to manipulate a large language model beyond its authorized scope. When suspicious activity is detected, Continuous Identity can revoke access before damage occurs.
The new capability extends CrowdStrike’s risk-aware authorization model across human identities, non-human identities, and AI agents. CrowdStrike said this coverage spans initial access, privilege escalation, and lateral movement across on-premises, SaaS, browser, and cloud environments.
KEY QUOTES:
“AI agents are transforming how work gets done, and how identities must be secured. Point-in-time authorization becomes a legacy approach the second agents are given autonomy. Authorize once and trust indefinitely is not a security model; it’s a liability. That’s the shift CrowdStrike is driving, from static, one-time access decisions to Continuous Identity.”
Elia Zaitsev, Chief Technology Officer of CrowdStrike
