CrowdStrike to Acquire Adaptive Shield to Deliver Integrated SaaS Security Posture Management

Today, at the inaugural Fal.Con Europe, I’m excited to announce CrowdStrike’s agreement to acquire SaaS security leader Adaptive Shield. This acquisition will propel CrowdStrike to become the only cybersecurity vendor to provide full protection against identity-based attacks across the modern cloud ecosystem — from on-premises Active Directory to cloud-based identity providers and the growing landscape of SaaS applications — through a single unified platform.

With organizations quickly growing their cloud footprints, the need for robust defense spanning hybrid cloud environments has never been greater. SaaS is projected to be the largest category of cloud computing in 2024, capturing more than 40% of all public cloud spending.¹

Adversaries are taking aim at this rapidly growing attack surface and often using identity-based attack techniques to do it. Cloud intrusions were up 75% last year, the CrowdStrike 2024 Global Threat Report found, and 75% of attacks used to gain initial access were malware-free. As SaaS adoption continues to grow, the introduction of new applications drives complexity and heightens the risk of misconfigurations across human and non-human accounts that create openings for cyberattacks.

These factors create a host of challenges for defenders:

• Gaining full visibility into applications: As a result of the democratization of IT, application owners from different departments are tasked with managing and securing their apps, impeding visibility into configurations, identity and data security.
• Securing a high volume of SaaS apps: Organizations may have tens to hundreds of SaaS applications, each of which has its own user interface, terminology, role-based access control, configurations and security settings, all of which must be managed and are constantly evolving.
• Detecting advanced identity-based threats: Adversaries targeting the credentials and identities of SaaS applications can gain access to business-critical services hosting sensitive customer data, often without raising alarm.
• Securing human and non-human identities: With identities spanning human users and non-human entities such as service accounts, API keys and third-party app OAuth authorizations, ensuring comprehensive identity security in SaaS applications requires meticulous management of authentication, authorization and activity monitoring.

Adversaries know these issues and exploit them, often hiding in the dark gaps between SaaS applications where they’re sure they won’t be found.

Our goal is to shine a light on them. Adaptive Shield delivers the industry’s most complete security posture management and threat protection across SaaS identities, misconfigurations and data to stop SaaS breaches. With Adaptive Shield integrated into the CrowdStrike Falcon® cybersecurity platform, we will provide the most advanced capabilities to stop identity-based attacks across all aspects of modern hybrid cloud environments.

The Mission to Secure Business-Critical SaaS Applications

Adaptive Shield empowers customers with comprehensive SaaS security posture management (SSPM). Its technology provides full visibility into, and governance of, human and non-human identities and their permissions, entitlements, activity levels and public data across 150+ business-critical SaaS applications to strengthen identity security posture. Beyond identities, it also provides visibility into misconfigurations and other risks affecting SaaS applications so organizations can better manage these issues and detect and respond to threats.

This visibility, achieved through an agentless deployment, is essential to strengthening SaaS security posture. Security teams can use the platform to collaborate with application owners and offer guidance to address security issues. Within three to four months, organizations implementing Adaptive Shield have reported an improvement from 20% visibility to 85% visibility into their SaaS security posture — a 300% increase.

Generative AI security is also core to Adaptive Shield’s capabilities. The growing use of GenAI introduces new risks including data leakage, attack surface expansion and privacy concerns. SSPM solutions alert users of GenAI SaaS applications to security issues and provide detailed remediation steps so the application owner and security team can collaborate to resolve them.

Adaptive Shield’s technology, when integrated with the CrowdStrike Falcon platform, will deliver compelling value to organizations by proactively detecting and preventing modern cross-domain attacks spanning endpoint, cloud and SaaS applications. Below is an overview of how customers will benefit.

• Comprehensive SaaS Security Posture Management (SSPM): Organizations gain full visibility into, and governance over, misconfigurations, entitlements and activity levels of both human and non-human identities, as well as exposed data across 150+ SaaS applications. This new end-to-end visibility of identities across hybrid cloud environments gives operators unique context for rapid cloud detection and response (CDR).
• GenAI Application Security Control: Adaptive Shield monitors GenAI SaaS applications and empowers organizations to enforce security standards by detecting configuration shifts, controlling AI settings to prevent data leakage and identifying shadow AI applications to revoke access based on their risk profile. This approach ensures AI-integrated applications align with security policies to protect sensitive data.
• Unified Hybrid Identity and Cloud Security: The powerful combination of Adaptive Shield and CrowdStrike Falcon® Identity Protection will provide customers with comprehensive identity protection across SaaS, on-premises Active Directory and cloud-based environments (Okta and Microsoft Entra ID). CrowdStrike Falcon® Cloud Security customers will also gain unified visibility and protection across the entire modern cloud estate — infrastructure, custom applications, data, AI models and SaaS applications — all from the same unified console and workflow.
• Existing Integration Accelerates Detection and Response: Adaptive Shield’s existing integration with CrowdStrike Falcon® Next-Gen SIEM provides rapid first-party detection and response across multiple security domains — endpoints, identities, workloads and applications — automatically correlating detections inline with the latest threat intelligence and CrowdStrike Falcon® Fusion SOAR delivering near real-time response.

Defending Organizations Across Endpoint, Identity and Cloud

CrowdStrike is the pioneer of cloud-native cybersecurity. We were born in the cloud to defend the cloud — and we are consistently recognized for our industry-leading cloud security strategy. Our acquisition of Adaptive Shield takes us another step forward in giving our customers the best possible protection against modern cyberattacks with the Falcon platform.

Adaptive Shield is an essential piece of our cloud security vision. It provides organizations with granular visibility into their growing cloud environments, enables them to manage and secure their SaaS security posture and their human and non-human identities, and helps them detect and prevent identity-centric, cloud-focused cyberattacks.

CrowdStrike is committed to cloud security innovation and providing our customers with the robust defense they need. Earlier this year, we announced our acquisition of Flow Security. This enables us to offer our customers protection of their data at rest and in motion as it flows through the cloud, on-premises and within applications. Just over one year ago, we acquired Bionic, the pioneer of application security posture management, which allows us to offer the most comprehensive cloud-native application protection platform (CNAPP) in the industry today.

Today’s cloud environments, and the applications running in them, are constantly evolving — and so are the adversaries targeting them. Businesses need a unified solution to deliver the latest cloud security capabilities they need. Adaptive Shield’s technology is the perfect complement to CrowdStrike’s, stopping SaaS breaches on cybersecurity’s most comprehensive platform.

Forward-Looking Statements

This blog contains forward-looking statements, including statements regarding the closing and benefits of the proposed acquisition. These statements involve risks and uncertainties, and actual results may differ materially. There are a number of risks which could cause actual results to differ materially, including the satisfaction of the acquisition’s closing conditions, our ability to integrate Adaptive Shield, and other risks described in the filings we make with the Securities and Exchange Commission from time to time.

¹  IDC press release, “Worldwide Software and Public Cloud Services Spending Guide,” July 29, 2024