




















Identity security has long been built around a simple premise: Authenticate a user, grant access, and trust that decision until their next login. While for many this model worked well enough when identities were primarily human and access patterns were predictable, that’s no longer the case for humans and definitely not the case for AI agents.
Modern identities span humans, service accounts, cloud workloads, SaaS applications, APIs, and increasingly, autonomous AI agents operating across cloud infrastructure, SaaS platforms, browsers, and unmanaged devices. These agents can access multiple systems, invoke APIs, interact with SaaS applications, and make autonomous decisions at machine speed.
This creates a challenge for traditional security models. The speed of these agents, combined with the varying privileges of the humans using them, means a trust decision that was valid at login may no longer be valid moments later. A compromised credential or change in business context can instantly alter risk. It’s not enough to grant access once and assume trust persists.
CrowdStrike is redefining identity security with Continuous Identity — delivered through CrowdStrike Falcon® Next-Gen Identity Security — which continuously evaluates identity, device, threat, and business context to determine whether access should be granted, adjusted, or revoked. Today, we are introducing three innovations that extend Continuous Identity across the modern identity attack surface:
Together, these capabilities help organizations continuously verify trust across human, non-human, and AI identities while reducing standing privileges and identity-driven risk.
Continuous Identity for AI Agents introduces a model that eliminates standing privileges and immediately verifies trust for every agent action. This approach helps address emerging AI agent risks including excessive privileges, compromised credentials, unauthorized access, agent-to-agent delegation risks, and access that remains active after risk conditions change.
Using modern identity standards including SPIFFE and the Shared Signals Framework (SSF), every action is authorized in real time based on what the agent is, who the human behind it is, and what the security and business context demands at that moment. This proactive approach controls access before agents can act.
How It Works:
CrowdStrike provides defense in depth for AI agent security with Continuous Identity for AI Agents, delivered through Falcon Next-Gen Identity Security, as well as CrowdStrike Falcon® AI Detection and Response (AIDR). Falcon AIDR continuously inspects prompts and intent to detect permission misuse or attempts to manipulate an LLM beyond its authorized scope, triggering Continuous Identity to revoke access before damage is done.

As organizations expand cloud operations, standing privileges create risk. When privileged access remains available after it is needed, adversaries can exploit compromised credentials or elevated permissions to move laterally and access critical cloud resources.
CrowdStrike is extending modern privileged access to AWS cloud infrastructure. Organizations can eliminate standing AWS privileges and give engineers only the access they need for the session, task, or approved workflow at hand.
How It Works:
This innovation extends Continuous Identity beyond identity providers and into cloud infrastructure by allowing organizations to eliminate standing AWS privileges and grant access only when it is required.

In addition to AI agents, organizations have thousands of NHIs (service accounts, API keys, OAuth tokens, cloud service principals) across their environment. However, ownership, governance, and accountability for these identities are often unclear. Security and identity teams often have the same questions when investigating threats or reviewing access: Who owns this identity? Who do I contact? Can I disable it without breaking production?
Too often, that answer is buried across identity protection metadata, cloud tags, Git history, and ticketing systems. No single system has the complete picture.
Falcon Next-Gen Identity Security automatically maps NHIs to human owners using signals from across the Falcon platform, establishing a formal ownership graph that makes every NHI accountable to a person or team. Unowned NHIs surface as posture findings, which drives accountability without manual overhead.
How It Works:
AI agents demand a new approach to identity security. Organizations can’t rely on static access decisions, periodic reviews, or fragmented controls to secure autonomous systems operating at machine speed. Identity security must continuously evaluate trust, continuously validate access, and continuously enforce policy as conditions change.
CrowdStrike is redefining identity security with Continuous Identity, which transforms identity from a point-in-time decision into a real-time control system. Continuous Identity for AI Agents will extend these capabilities to the agents proliferating across business environments, and it’s backed by defense in depth across the Falcon platform.
Delivered through Falcon Next-Gen Identity Security, Continuous Identity will extend across identity providers, cloud infrastructure, SaaS applications, browser sessions, and remote access workflows — all from a single unified platform.
This blog includes capabilities available today, as well as capabilities expected to be delivered through the ongoing integration of SGNL technology into the CrowdStrike Falcon® platform.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。