Agent AI, Artificial Intelligence and Machine Learning, Next Generation Technology, Secure Development
Silicon Valley startup brings AI agents and rapid injection protection to FALCON
Michael Novinson (Michael Novinson)•
September 18, 2025
CrowdStrike plans to purchase an artificial intelligence security startup led by the founder of Soar Pioneer Phantom to protect corporate AI users and developer workflows at scale.
reference: AI agents require a scalable identity security framework
Goliath, Austin, Texas-based platform security, said the proposed acquisition of Silicon Valley-based Pangea will address AI risks, including rapid injection, unauthorized access and misuse of AI. He said Pangaea will play a key role in the Cloud Strike vision of ensuring AI through a three-tier approach focusing on core infrastructure, software orchestration and identity.
“We have a rather proven playbook about bringing new technologies into the company, integrating them natively into the platform and building them into a truly successful business,” Bernard told Information Security Media Group. “I saw the opportunity to create and own AIDR categories in Pangea. CrowdStrike created categories for EDRs. How do you extend detection and response to AI?”
Founded in 2021, Pangaea employs around 40 people, raises $51 million in external funding, and recently completed a $26 million Series B funding round led by GV in November 2022. The company has been led since its founding in April 2018 by Oliver Friedrichs, who previously sold SOAR vendor Phantom Cyber for $350 million. CrowdStrike Buys Onum for $290 Million to Boost Siem Data Intake).
How Pangaea protects infrastructure, identity layers
Organizations are looking for ways to protect AI tools and systems that are integrated into their business workflows. Bernard said Crowdstrike aims to fill that gap with Pangea as a cornerstone. Just as CrowdStrike once led by creating endpoint detection and response spaces, as well as identity threat detection and response spaces, Bernard said the company is currently trying to carry out the same feat in the AI realm.
“There certainly is a lot of talk, activity and need in the market about how we secure AI socially,” Bernard said. “This actually covers the needs of the 'AI security' social market. ”
Bernard said Pangea's technologies, including rapid injection blocking, data governance and malicious agent detection, provide the cloud strike that the visibility and control needed to monitor AI activity at multiple levels. In the AI age, security needs to explain not only systems and users, but also autonomous agents, agents' behaviors, and evolving mechanical users' interactions, and Pangaea is an important asset for this.
According to Bernard, Pangea's strength lies in the infrastructure and identity layers, but the company's orchestration tools also touch the software layer. For example, Bernard said Pangea will detect AI-specific vulnerabilities such as rapid injection attacks at the identity layer, ensuring secure model access and data flow occurs at the infrastructure layer.
“The core infrastructure layer is where a lot of components actually operate,” Bernard said. “How do you protect your data center? How do you protect your GPU? How do you protect your data in transit, and your static data? And ultimately, how do you protect your cloud?”
Why Pangaea's approach to AI security is different
Many companies in the AI security space focus on either ensuring AI for workers using AI tools or developing developers who embed AI in their applications. Conversely, Bernard states that Pangaea can support both ends of the spectrum, and team building detection and control functions work effectively for prompt-driven user interaction, similar to code-level development workflows.
“A lot of companies are starting to build for one and missing out on their ability to pivot later,” Bernard said. “Developer users have different workflows. End users use the finished model and agent. You can go back to using specific code from the prompt.
Technically, Pangea will bolster the Core Falcon module, including cloud security, data protection, identity threat detection and response, Bernard said. He also continued Crowdstrike's efforts to tease the new user interface that integrates customer experiences throughout the module and feel secure seamlessly rather than siloed.
“The great thing about our platform approach is that there are many ways to realize Pangaea's capabilities set for customers, not only to strengthen our security perspective, but to make this very competitive,” Bernard said. “We have announced an entirely new user experience that brings all the native modules even closer.”
Bernard expects AI agents to become core members of the enterprise workforce with digital assistants, copilots, bots and autonomous systems that can perform tasks, make decisions, and exponentially scale work output. From blocking malicious activities to ensuring secure prompts and credentials, Bernard believes that ensuring identity – whether human or not, will be key to future purging cybersecurity.
“The preliminary data we already know is that this is the industry's best protection against rapid injections, with 99% effectiveness with latency below 30ms,” Bernard said. “We provide the technology the market needs to safely adopt the next biggest and best.
The Pangea deal comes just weeks after Crowdstrike agreed to buy Telemetry Pipeline Management Startup Onum for $290 million to transform the way third-party data is ingested into the company's SIEM platform. It was also the second acquisition of an AI security startup announced this week, and Checkpoint Software agreed to buy Lakera for $300 million to provide end-to-end security for AI use and applications (see: See: Add AI application defense to your checkpoint Lakera purchases).
