CrowdStrike announced a $420 million acquisition of browser security startup Seraphic Security on Monday, marking its second major cybersecurity purchase in a week. The deal follows last week's $740 million purchase of identity startup SGNL and targets AI-driven browser threats that have transformed corporate workflows.
Seraphic Security, founded in 2020 and led by former Walla CEO Ilan Yeshua, provides browser runtime protection without forcing users into proprietary browsers. The company completed a $29 million Series A round in January 2025 and employs 84 people. CrowdStrike will pay approximately $420 million for the startup, with the deal expected to close during CrowdStrike's first quarter of fiscal year 2027, which ends April 30, 2027.
The acquisition addresses what CrowdStrike calls "the new front door" of enterprise security. Employees now spend 85% of their workday in browsers, which have become primary gateways for AI agents and generative AI applications. Traditional browser security either forces proprietary browsers or relies on easily disabled extensions that fail with advanced AI use cases.
"Seraphic really becomes the front door of how AI is used," said CrowdStrike Chief Business Officer Daniel Bernard. "It's like a front door that lets us do EDR on the web. The browser has really become a very key focal point to AI adoption."
Seraphic's technology turns any web browser into a secure environment, supporting Chrome, Edge, Safari, Firefox, and emerging agentic browsers on both managed and unmanaged devices. Unlike enterprise browsers like Island and Talon that require users to switch to proprietary browsers, Seraphic works with existing browsers and can forcibly shut down web sessions in real time for scenarios like employee offboarding or stopping malicious activity.
The integration creates what CrowdStrike calls a "Next-Gen Identity Security strategy" by combining Seraphic's browser protection with SGNL's continuous authorization and Falcon's endpoint telemetry. Seraphic acts as the front door for web and AI access, while SGNL becomes the central decision-making engine for identity governance.
"This is a whole new architecture that you can use to run web-based software or applications, agentic software and applications," Bernard explained. "The search bar, in many ways, has been replaced by an AI and LLM. The experience has gone from being a searching experience to being a productivity experience."
CrowdStrike CEO George Kurtz compared AI agents to "giving full access to a drunken intern" in an interview with Yahoo Finance. "Who knows what they're going to do?" he said, highlighting the unpredictable nature of AI agents that now permeate corporate workflows.
The combined technology will deliver web detection and response capabilities, allowing enterprises to monitor, detect, and stop malicious activity in real time even within browser sessions. Key features include in-session zero trust enforcement, next-gen web DLP, protection against session hijacking and sophisticated phishing, and agentless-style protection for contractors and BYOD devices.
CrowdStrike's acquisition spree continues its 2025 momentum, which included purchases of AI agentic security platform Pangea for $260 million and data startup Onum for $290 million. The company reported strong third-quarter results with sales rising 22% year-over-year to $1.23 billion and annual recurring revenue reaching $4.92 billion.
The purchase price will be paid predominantly in cash with a portion in stock subject to vesting conditions. The acquisition is expected to close during CrowdStrike's first quarter of fiscal year 2027, subject to customary closing conditions.
"Sometimes in these markets, the first movers aren't really the ones that win the long-term game," Bernard said. "We think this is the best approach for our customers and the best approach for the market at large, and it will be supercharged with the machine of CrowdStrike."
