CrowdStrike is to acquire Seraphic Security, a California-based firm specialising in browser runtime security, for an undisclosed price.

Founded in 2020, Seraphic operates in the enterprise browser security market, developing patented technology to transform any browser into a secure platform with robust protection and detection features.

The company’s solution facilitates secure access to SaaS and private web applications by employees and third parties from both managed and personal devices. This approach eliminates the complexity and cost associated with virtual desktop infrastructure (VDI) and virtual private networks (VPN).

Seraphic’s technology is designed to be invisible to the end-user and supports all browsers as well as SaaS desktop applications such as Teams, Discord, Slack, and WhatsApp. In January 2025, Seraphic secured $29m Series A funding, which included investment from the CrowdStrike Falcon Fund.

The acquisition aims to enhance CrowdStrike’s Falcon platform by incorporating Seraphic’s browser-native protection. The integration will enable advanced security measures directly within popular browsers such as Chrome, Edge, Safari, and Firefox. This approach is expected to address a significant gap in cybersecurity, as most professional activities occur via web browsers.

Seraphic CEO and co-founder Ilan Yeshua said: “The browser is where modern work happens.

“In joining CrowdStrike, we are bringing platform-level protection to the most important execution layer in the enterprise, ensuring that zero trust is a continuous reality, not just a gateway check.”

The addition of Seraphic will empower CrowdStrike’s security operations centre (SOC) by enabling it to analyse extensive endpoint data alongside real-time browser telemetry. This enhancement is designed to advance next-generation identity security through dynamic access management based on session and risk assessments, effectively countering cyber threats by modifying permissions as needed.

Furthermore, the integration offers several key benefits. These include securing AI applications within the browser, implementing zero trust policies with dynamic control, and preventing data leaks with AI-driven content filtering.

The integrated solution also extends protection to unmanaged and bring-your-own devices without requiring complete endpoint agents.

Financial terms of the acquisition include a combination of cash and stocks subject to vesting conditions. The transaction is expected to finalise in CrowdStrike’s first fiscal quarter of 2027, pending standard closing procedures.

Last week, CrowdStrike announced the acquisition of SGNL, a California-based company known for continuous identity security solutions. This acquisition is intended to enhance real-time risk assessments across cloud platforms by integrating SGNL’s technology into CrowdStrike’s offerings.

CrowdStrike CEO and founder George Kurtz said: “Productivity requires flexibility and security; users want to work in their browser of choice. Seraphic delivers exactly that.

“By decoupling security from the browser itself, we can turn any browser into a secure enterprise browser, without forcing change or slowing productivity. With our vast endpoint signals combined with Seraphic’s in-session visibility and SGNL’s dynamic authorisation, we are defining the future of Zero Standing Privilege for the modern agentic workforce.”

In addition to these acquisitions, CrowdStrike has entered into a partnership with Nord Security aimed at enhancing cybersecurity for small and medium-sized businesses (SMBs). This collaboration merges CrowdStrike’s AI-native Falcon platform with Nord Security’s secure access technologies.

As part of this initiative, Nord Security will distribute Falcon Go and Falcon Enterprise through its NordLayer network security platform. Additionally, an add-on for Falcon’s Next-Gen SIEM will be launched in cooperation with Pax8, offering improved detection capabilities and 90 days of free access for qualifying customers.