CrowdStrike has agreed to acquire SaaS security company Adaptive Shield. With this acquisition, CrowdStrike will be the only cybersecurity vendor to provide unified, end-to-end protection against identity-based attacks across the entire modern cloud.
Announced this week at Fal.Con Europe, the acquisition will position CrowdStrike as the leading provider of comprehensive protection across complex hybrid environments.
“As SaaS and AI adoption grows, every new application brings additional complexity and the risk of misconfigurations across human and non-human accounts that create openings for sophisticated attacks,” said CrowdStrike Founder and CEO George Kurtz. “With the acquisition of Adaptive Shield, CrowdStrike will continue to set the standard for identity-based protection in the cloud, delivering best-in-class SaaS protection from the Falcon platform.”
Cloud exploitation cases grew by 110% last year, while identity-based attacks continue to rise – 75% of attacks to gain initial access are now malware-free. Cross-domain adversaries, targeting identity and cloud, have numerous attack paths, from on-premises active directory to cloud-based identity providers and the growing landscape of SaaS applications.
The complexity of modern hybrid cloud environments and disconnected security tools create protection gaps, making it difficult to prevent identity-based threats. SaaS is projected to be the largest category of cloud computing in 2024, capturing more than 40% of all public cloud spending.
Adaptive Shield delivers a complete security posture management and threat protection across SaaS identities, misconfigurations and data, stopping SaaS breaches. As an integrated component of the CrowdStrike Falcon cybersecurity platform, Adaptive Shield will equip CrowdStrike with the most advanced capabilities to stop identity-based attacks across all aspects of modern hybrid cloud environments. Customer benefits will include:
-
Comprehensive SaaS security posture management (SSPM): Organisations gain full visibility and governance over misconfigurations, the entitlements and activity levels of both human and non-human identities, and exposed data across 150+ SaaS applications. This new end-to-end visibility of identities across hybrid cloud environments gives operators unique context for rapid cloud detection and response.
-
GenAI application security control: By continuously monitoring GenAI SaaS applications, Adaptive Shield empowers organizations to enforce consistent security standards by detecting configuration shifts, controlling AI settings to prevent data leakage, and identifying shadow AI applications to revoke access based on their risk profile. This approach ensures that AI-integrated applications remain aligned with security policies to protect sensitive data.
-
Unified hybrid identity and cloud security: The powerful combination of Adaptive Shield and CrowdStrike Falcon Identity Protection will provide customers with comprehensive identity protection across SaaS, on-premises active directory and cloud-based environments (Okta and Microsoft Entra ID). CrowdStrike Falcon Cloud Security customers will also gain unified visibility and protection across the entire modern cloud estate – infrastructure, custom applications, data, AI models and SaaS applications – all from the same unified console and workflow.
-
Existing integration accelerates detection and response: Adaptive Shield’s existing integration with CrowdStrike Falcon Next-Gen SIEM provides rapid first-party detection and response across multiple security domains – endpoints, identities, workloads and applications – automatically correlating detections inline with the latest threat intelligence and Falcon Fusion SOAR delivering near real-time response.
“Widespread adoption of SaaS applications has rapidly expanded the enterprise attack surface, as shared responsibility models and fragmented security controls make SaaS environments a prime target,” said Adaptive Shield Co-founder and CEO Maor Bin. “Our mission perfectly complements CrowdStrike, stopping SaaS breaches while further accelerating consolidation on cybersecurity’s most comprehensive platform. I’m incredibly proud of our team for building the most advanced SaaS security solution, defining the market.”
The purchase price is contemplated to be paid predominantly in cash and includes a portion to be delivered in the form of stock subject to vesting conditions. The proposed acquisition is expected to close during CrowdStrike’s fiscal fourth quarter, subject to customary closing conditions.