CrowdStrike has announced a definitive agreement to acquire Seraphic Security, a specialist in browser runtime security, in a move that could redefine how enterprises secure the modern workplace. The acquisition aims to transform any web browser into a secure enterprise browser, without forcing employees to abandon their browser of choice.
The announcement, made on January 14, 2026, underscores a growing reality: the browser has become the primary execution layer for work, collaboration, cloud applications, and AI agents. With an estimated 85% of the workday now spent in browsers, attackers increasingly view them as high-value targets. Yet, traditional security models often rely on restrictive enterprise browsers or high-latency network controls, creating friction for users.
By integrating Seraphic’s in-session, browser-native protection with CrowdStrike’s Falcon® platform and SGNL’s continuous authorization technology, the company plans to deliver a unified next-generation identity security strategy. The combined approach is designed to protect every interaction—from endpoints to browser sessions to the cloud—using real-time risk signals rather than static access decisions.
“By decoupling security from the browser itself, we can turn any browser into a secure enterprise browser, without forcing change or slowing productivity,” said George Kurtz, CEO and founder of CrowdStrike. He added that the combination of Falcon’s endpoint intelligence, Seraphic’s runtime visibility, and SGNL’s dynamic authorization advances the company’s vision of Zero Standing Privilege for the emerging agentic workforce.
The integration is expected to strengthen defenses against session-based threats such as phishing, session hijacking, and man-in-the-browser attacks, while also enabling granular data loss prevention and protection for generative AI usage at the browser layer. Significantly, it extends security to unmanaged and BYOD devices by securing browser sessions without requiring a full endpoint agent.
Ilan Yeshua, CEO and co-founder of Seraphic, said the deal brings “platform-level protection to the most important execution layer in the enterprise,” making zero trust a continuous reality rather than a one-time gateway check.
The transaction will be paid predominantly in cash, with a portion in stock subject to vesting conditions, and is expected to close in CrowdStrike’s first quarter of FY’27, pending customary approvals.
