惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Security @ Cisco Blogs
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
Tenable Blog
C
CERT Recently Published Vulnerability Notes
T
Threatpost
C
Cisco Blogs
Know Your Adversary
Know Your Adversary
T
Tor Project blog
博客园 - 司徒正美
有赞技术团队
有赞技术团队
T
Tailwind CSS Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
宝玉的分享
宝玉的分享
博客园 - 三生石上(FineUI控件)
L
LangChain Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Stack Overflow Blog
Stack Overflow Blog
Microsoft Security Blog
Microsoft Security Blog
AWS News Blog
AWS News Blog
人人都是产品经理
人人都是产品经理
P
Proofpoint News Feed
酷 壳 – CoolShell
酷 壳 – CoolShell
A
Arctic Wolf
L
LINUX DO - 热门话题
C
Cyber Attacks, Cyber Crime and Cyber Security
爱范儿
爱范儿
美团技术团队
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Hugging Face - Blog
Hugging Face - Blog
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
C
CXSECURITY Database RSS Feed - CXSecurity.com
P
Privacy International News Feed
PCI Perspectives
PCI Perspectives
H
Heimdal Security Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
F
Full Disclosure
SecWiki News
SecWiki News
T
The Blog of Author Tim Ferriss
Help Net Security
Help Net Security
Google DeepMind News
Google DeepMind News
P
Palo Alto Networks Blog
博客园 - 叶小钗
C
Check Point Blog
Scott Helme
Scott Helme
V
Visual Studio Blog
博客园 - 聂微东
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Google Online Security Blog
Google Online Security Blog
大猫的无限游戏
大猫的无限游戏
The Register - Security
The Register - Security

Blog

CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike Why AI Projects Stall and How CIOs Can Respond | CrowdStrike CrowdStrike Leads 2026 Frost Radar for Cloud Runtime Security CrowdStrike Expands Identity Leadership with OpenID and IDPro CrowdStrike 2026 Report: China Fuels Attacks on Tech June 2026 Patch Tuesday: Updates and Analysis | CrowdStrike CrowdStrike and Zscaler Bring Continuous Identity Security to Zero Trust Access 3 Principles to Safely Scale Agentic AI | CrowdStrike ISO 42001:2023 and the New Reality of Cloud AI Data Risk How to Stop AI-Driven Data Loss | CrowdStrike CrowdStrike and NVIDIA Bring Enterprise-Grade Security to AI Factory CrowdStrike and NVIDIA Collaboration Scales AI-Native Agents Secure Shadow AI at the Control Plane with Falcon for IT CrowdStrike Named Leader in 2026 Gartner Magic Quadrant for Endpoint Protection Shadow AI: The Hidden Risk Expanding Across the Enterprise CrowdStrike Named a Leader in Identity Threat Detection and Response Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet Measuring AI-Enabled Success: 3 Trackable KPIs New Claude Integration Brings Audit Data to Falcon Platform How to Protect Identities and Sessions from Infostealers Now Live: CrowdStrike 2026 Financial Services Threat Landscape Report Falcon AIDR Detects Threats at Prompt Layer in Kubernetes AI Apps May 2026 Patch Tuesday: Updates and Analysis | CrowdStrike AI Threat Detection with Automated Leads | CrowdStrike CrowdStrike Named a Leader in Gartner Magic Quadrant for Cyberthreat Intelligence CrowdStrike Launches Falcon OverWatch for Defender CrowdStrike Technical Risk Assessments Reveal Common Exposure Patterns Tune In: The Future of AI-Powered Vulnerability Discovery Defending Against CORDIAL SPIDER and SNARKY SPIDER CrowdStrike Expands ChatGPT Enterprise Integration CrowdStrike Named a Leader in 2026 Frost & Sullivan Radar for CNAPP CrowdStrike Expands Real-Time CDR to Google Cloud CrowdStrike Falcon Cloud Security Delivers 264% ROI CrowdStrike Falcon Platform Achieves 441% ROI in Three Years CrowdStrike Introduces Shadow AI Visibility Service How Defenders Must Respond to Frontier AI | CrowdStrike Frontier AI for Defenders: CrowdStrike and OpenAI TAC April 2026 Patch Tuesday: Updates and Analysis | CrowdStrike How CrowdStrike Accelerates Exposure Evaluation Against Threats | Blog STARDUST CHOLLIMA Likely Compromises Axios npm Package Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse How Charlotte AI Agentworks Fuels Security's Agentic Ecosystem CrowdStrike Flex for Services Expands Access to Elite Security Expertise Falcon Data Security Secures Data Wherever It Lives and Moves CrowdStrike Advances CNAPP with Adversary-Informed Risk Prioritization CrowdStrike Services and Agentic MDR Put Agentic SOC in Reach
CrowdStrike
Ryan Terry · 2026-06-15 · via Blog

Identity security has long been built around a simple premise: Authenticate a user, grant access, and trust that decision until their next login. While for many this model worked well enough when identities were primarily human and access patterns were predictable, that’s no longer the case for humans and definitely not the case for AI agents. 

Modern identities span humans, service accounts, cloud workloads, SaaS applications, APIs, and increasingly, autonomous AI agents operating across cloud infrastructure, SaaS platforms, browsers, and unmanaged devices. These agents can access multiple systems, invoke APIs, interact with SaaS applications, and make autonomous decisions at machine speed.

This creates a challenge for traditional security models. The speed of these agents, combined with the varying privileges of the humans using them, means a trust decision that was valid at login may no longer be valid moments later. A compromised credential or change in business context can instantly alter risk. It’s not enough to grant access once and assume trust persists.

CrowdStrike is redefining identity security with Continuous Identity — delivered through CrowdStrike Falcon® Next-Gen Identity Security — which continuously evaluates identity, device, threat, and business context to determine whether access should be granted, adjusted, or revoked. Today, we are introducing three innovations that extend Continuous Identity across the modern identity attack surface:

  • Continuous Identity for AI Agents, enabling real-time authorization for every agent action
  • Expanded modern privileged access for AWS cloud infrastructure
  • Unified ownership, visibility, and intelligence across non-human identities (NHIs)

Together, these capabilities help organizations continuously verify trust across human, non-human, and AI identities while reducing standing privileges and identity-driven risk.

Introducing Continuous Identity for AI Agents

Continuous Identity for AI Agents introduces a model that eliminates standing privileges and immediately verifies trust for every agent action. This approach helps address emerging AI agent risks including excessive privileges, compromised credentials, unauthorized access, agent-to-agent delegation risks, and access that remains active after risk conditions change.

Using modern identity standards including SPIFFE and the Shared Signals Framework (SSF), every action is authorized in real time based on what the agent is, who the human behind it is, and what the security and business context demands at that moment. This proactive approach controls access before agents can act. 

How It Works:

  • Every agent should have a verifiable identity based on the SPIFFE standard.
  • Every action is evaluated against the human's and agent's entitlements, in addition to security and business context
  • An agent with read/write capability acting for a read-only user can only read; the same agent, with a different human, would produce a different outcome
  • No standing privileges exist; authorization happens at the moment of action using live risk signals
  • When agents delegate to sub-agents, human identity and permissions are preserved
  • If context changes — a new vulnerability, an HR status change — access is immediately revoked

CrowdStrike provides defense in depth for AI agent security with Continuous Identity for AI Agents, delivered through Falcon Next-Gen Identity Security, as well as CrowdStrike Falcon® AI Detection and Response (AIDR). Falcon AIDR continuously inspects prompts and intent to detect permission misuse or attempts to manipulate an LLM beyond its authorized scope, triggering Continuous Identity to revoke access before damage is done.

Expanded Modern Privileged Access for AWS

As organizations expand cloud operations, standing privileges create risk. When privileged access remains available after it is needed, adversaries can exploit compromised credentials or elevated permissions to move laterally and access critical cloud resources. 

CrowdStrike is extending modern privileged access to AWS cloud infrastructure. Organizations can eliminate standing AWS privileges and give engineers only the access they need for the session, task, or approved workflow at hand.

How It Works:

  • When identities log into AWS using single sign-on (SSO), CrowdStrike evaluates identity, device posture, Falcon Zero Trust Access (ZTA) score, group membership, and other security signals
  • The Falcon platform dynamically assigns the correct AWS roles or tags for that session
  • Access exists only for the session duration or until context changes; if risk changes, privileges can be adjusted or automatically revoked
  • Workflows support self-elevation and approval-based access for higher-risk scenarios

This innovation extends Continuous Identity beyond identity providers and into cloud infrastructure by allowing organizations to eliminate standing AWS privileges and grant access only when it is required.

Unified Visibility and Intelligence Across Machine Identities

In addition to AI agents, organizations have thousands of NHIs (service accounts, API keys, OAuth tokens, cloud service principals) across their environment. However, ownership, governance, and accountability for these identities are often unclear. Security and identity teams often have the same questions when investigating threats or reviewing access: Who owns this identity? Who do I contact? Can I disable it without breaking production?

Too often, that answer is buried across identity protection metadata, cloud tags, Git history, and ticketing systems. No single system has the complete picture.

Falcon Next-Gen Identity Security automatically maps NHIs to human owners using signals from across the Falcon platform, establishing a formal ownership graph that makes every NHI accountable to a person or team. Unowned NHIs surface as posture findings, which drives accountability without manual overhead. 

How It Works:

  • Falcon Next-Gen Identity Security uses metadata from the Falcon platform to assign owners to NHIs (e.g., who manages access, who uses the machine, who created the service account).
  • NHIs missing an owner surface as posture findings. When an owner leaves, affected NHIs escalate to high severity so teams can reassign before coverage gaps become exploitable. This combines ownership context with permissions and threat activity to identify which NHIs pose the greatest risk. 
  • When an NHI is involved in a detection, teams immediately see who owns it, what it can access, and whether it's actively governed or orphaned.
  • Falcon Next-Gen Identity Security automatically flags orphaned, stale, and overprivileged NHIs as employees leave the organization or change roles, or as permissions drift over time. 

The Future of Identity Is Continuous

AI agents demand a new approach to identity security. Organizations can’t rely on static access decisions, periodic reviews, or fragmented controls to secure autonomous systems operating at machine speed. Identity security must continuously evaluate trust, continuously validate access, and continuously enforce policy as conditions change.

CrowdStrike is redefining identity security with Continuous Identity, which transforms identity from a point-in-time decision into a real-time control system. Continuous Identity for AI Agents will extend these capabilities to the agents proliferating across business environments, and it’s backed by defense in depth across the Falcon platform.

Delivered through Falcon Next-Gen Identity Security, Continuous Identity will extend across identity providers, cloud infrastructure, SaaS applications, browser sessions, and remote access workflows — all from a single unified platform.

Forward-Looking Statements

This blog includes capabilities available today, as well as capabilities expected to be delivered through the ongoing integration of SGNL technology into the CrowdStrike Falcon® platform.

Additional Resources