CrowdStrike Announces Continuous Identity for AI Agents

Skip to main content Enable accessibility for low vision Open the accessibility menu ___ Blog Featured Recent Video Category Start Free Trial CrowdStrike Announces Continuous Identity for AI Agents New innovations bring Continuous Identity to AI agents, extend modern privileged access into AWS cloud infrastructure, and unify identity intelligence across human, non-human, and AI identities. June 15, 2026 • Ryan Terry • Next-Gen Identity Security Identity security has long been built around a simple premise: Authenticate a user, grant access, and trust that decision until their next login. While for many this model worked well enough when identities were primarily human and access patterns were predictable, that’s no longer the case for humans and definitely not the case for AI agents.  Modern identities span humans, service accounts, cloud workloads, SaaS applications, APIs, and increasingly, autonomous AI agents operating across cloud infrastructure, SaaS platforms, browsers, and unmanaged devices. These agents can access multiple systems, invoke APIs, interact with SaaS applications, and make autonomous decisions at machine speed. This creates a challenge for traditional security models. The speed of these agents, combined with the varying privileges of the humans using them, means a trust decision that was valid at login may no longer be valid moments later. A compromised credential or change in business context can instantly alter risk. It’s not enough to grant access once and assume trust persists. CrowdStrike is redefining identity security with Continuous Identity — delivered through CrowdStrike Falcon® Next-Gen Identity Security — which continuously evaluates identity, device, threat, and business context to determine whether access should be granted, adjusted, or revoked. Today, we are introducing three innovations that extend Continuous Identity across the modern identity attack surface: Continuous Identity for AI Agents, enabling real-time authorization for every agent action Expanded modern privileged access for AWS cloud infrastructure Unified ownership, visibility, and intelligence across non-human identities (NHIs) Together, these capabilities help organizations continuously verify trust across human, non-human, and AI identities while reducing standing privileges and identity-driven risk. Introducing Continuous Identity for AI Agents Continuous Identity for AI Agents introduces a model that eliminates standing privileges and immediately verifies trust for every agent action. This approach helps address emerging AI agent risks including excessive privileges, compromised credentials, unauthorized access, agent-to-agent delegation risks, and access that remains active after risk conditions change. Using modern identity standards including SPIFFE and the Shared Signals Framework (SSF), every action is authorized in real time based on what the agent is, who the human behind it is, and what the security and business context demands at that moment. This proactive approach controls access before agents can act.  How It Works: Every agent should have a verifiable identity based on the SPIFFE standard. Every action is evaluated against the human's and agent's entitlements, in addition to security and business context An agent with read/write capability acting for a read-only user can only read; the same agent, with a different human, would produce a different outcome No standing privileges exist; authorization happens at the moment of action using live risk signals When agents delegate to sub-agents, human identity and permissions are preserved If context changes — a new vulnerability, an HR status change — access is immediately revoked CrowdStrike provides defense in depth for AI agent security with Continuous Identity for AI Agents, delivered through Falcon Next-Gen Identity Security, as well as CrowdStrike Falcon® AI Detection and Response (AIDR). Falcon AIDR continuously inspects prompts and intent to detect permission misuse or attempts to manipulate an LLM beyond its authorized scope, triggering Continuous Identity to revoke access before damage is done. Expanded Modern Privileged Access for AWS As organizations expand cloud operations, standing privileges create risk. When privileged access remains available after it is needed, adversaries can exploit compromised credentials or elevated permissions to move laterally and access critical cloud resources.  CrowdStrike is extending modern privileged access to AWS cloud infrastructure. Organizations can eliminate standing AWS privileges and give engineers only the access they need for the session, task, or approved workflow at hand. How It Works: When identities log into AWS using single sign-on (SSO), CrowdStrike evaluates identity, device posture, Falcon Zero Trust Access (ZTA) score, group membership, and other security signals The Falcon platform dynamically assigns the correct AWS roles or tags for that session Access exists only for the session duration or until context changes; if risk changes, privileges can be adjusted or automatically revoked Workflows support self-elevation and approval-based access for higher-risk scenarios This innovation extends Continuous Identity beyond identity providers and into cloud infrastructure by allowing organizations to eliminate standing AWS privileges and grant access only when it is required. Unified Visibility and Intelligence Across Machine Identities In addition to AI agents, organizations have thousands of NHIs (service accounts, API keys, OAuth tokens, cloud service principals) across their environment. However, ownership, governance, and accountability for these identities are often unclear. Security and identity teams often have the same questions when investigating threats or reviewing access: Who owns this identity? Who do I contact? Can I disable it without breaking production? Too often, that answer is buried across identity protection metadata, cloud tags, Git history, and ticketing systems. No single system has the complete picture. Falcon Next-Gen Identity Security automatically maps NHIs to human owners using signals from across the Falcon platform, establishing a formal ownership graph that makes every NHI accountable to a person or team. Unowned NHIs surface as posture findings, which drives accountability without manual overhead.  How It Works: Falcon Next-Gen Identity Security uses metadata from the Falcon platform to assign owners to NHIs (e.g., who manages access, who uses the machine, who created the service account). NHIs missing an owner surface as posture findings. When an owner leaves, affected NHIs escalate to high severity so teams can reassign before coverage gaps become exploitable. This combines ownership context with permissions and threat activity to identify which NHIs pose the greatest risk.  When an NHI is involved in a detection, teams immediately see who owns it, what it can access, and whether it's actively governed or orphaned. Falcon Next-Gen Identity Security automatically flags orphaned, stale, and overprivileged NHIs as employees leave the organization or change roles, or as permissions drift over time.  The Future of Identity Is Continuous AI agents demand a new approach to identity security. Organizations can’t rely on static access decisions, periodic reviews, or fragmented controls to secure autonomous systems operating at machine speed. Identity security must continuously evaluate trust, continuously validate access, and continuously enforce policy as conditions change. CrowdStrike is redefining identity security with Continuous Identity, which transforms identity from a point-in-time decision into a real-time control system. Continuous Identity for AI Agents will extend these capabilities to the agents proliferating across business environments, and it’s backed by defense in depth across the Falcon platform. Delivered through Falcon Next-Gen Identity Security, Continuous Identity will extend across identity providers, cloud infrastructure, SaaS applications, browser sessions, and remote access workflows — all from a single unified platform. Forward-Looking Statements This blog includes capabilities available today, as well as capabilities expected to be delivered through the ongoing integration of SGNL technology into the CrowdStrike Falcon® platform. Additional Resources Explore the Falcon Next-Gen Identity Security product page. Learn what industry analysts are saying about CrowdStrike’s identity security solutions. Download the Complete Guide to Next-Gen Identity Security. Interested in learning more? Join us at Fal.Con 2026, where these conversations take center stage. CrowdStrike 2026 Global Threat Report AI threats have reached a critical turning point. Access the definitive look at the cyber threat landscape. Download Related Content Next-Gen Identity Security | Jun 10, 2026 CrowdStrike Expands Identity Leadership with OpenID and IDPro Next-Gen Identity Security | Jun 08, 2026 CrowdStrike and Zscaler Bring Continuous Identity to Zero Trust Access Next-Gen Identity Security | May 26, 2026 CrowdStrike Named a Leader in Identity Threat Detection and Response Categories Agentic SOC 52 Cloud & Application Security 145 Data Security 24 Endpoint Security & XDR 357 Engineering & Tech 87 Executive Viewpoint 180 Exposure Management 120 From The Front Lines 204 Next-Gen Identity Security 73 Next-Gen SIEM & Log Management 113 Public Sector 42 Securing AI 37 Threat Hunting & Intel 219 CrowdStrike Falcon Platform Ready to protect your business? Try CrowdStrike free today Start free trial Subscribe Sign up now to receive the latest notifications and updates from CrowdStrike Subscribe See CrowdStrike Falcon in action Explore demos Copyright © 2026 CrowdStrike Privacy Request Info Blog Contact Us 1.888.512.8906 Accessibility ABOUT COOKIES ON THIS SITE In order to provide you with the most relevant content and best browser experience, we use cookies to remember and store information about how you use our website. See how we use this information in our Privacy Notice and more information about cookies in our Cookie Notice. Privacy Preference Center Privacy Preference Center Your Privacy Strictly Necessary Cookies Performance Cookies Functional Cookies Targeting Cookies Your Privacy When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, or your device, and is mostly used to make the site work as you expect. The information does not usually identify you directly, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to learn more and change our default settings. Blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information Strictly Necessary Cookies Always Active These cookies are necessary for the website to function and cannot be switched off in our systems. They may be set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies may process limited personal information, such as technical or device identifiers, where necessary to ensure the security, functionality, and integrity of the website or web portal. Such processing is strictly limited to what is required for these purposes and is not used for advertising or marketing. Cookies Details Performance Cookies Performance Cookies These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore does not identify you. If you do not allow these cookies, your visit to our website will not be included in our analytics, and our ability to monitor website performance and make improvements will be reduced. Cookies Details Functional Cookies Functional Cookies These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. Cookies Details Targeting Cookies Targeting Cookies These cookies may be set on our site by our advertising partners. They assign a unique identifier to your browser or device and may track your activity across sites to build a profile of your interests and show you relevant adverts on other sites. If you do not allow these cookies, you will still see ads, but they may be less relevant to you. Cookies Details Cookie List Consent Leg.Interest checkbox label label checkbox label label checkbox label label Clear checkbox label label Apply Cancel Confirm My Choices Allow All