SECURITY
CrowdStrike Holdings Inc. today announced an expansion of its Falcon cybersecurity platform to secure artificial intelligence systems as enterprises deploy more autonomous AI agents across endpoints, software-as-a-service applications and cloud environments.
The announcements, made on day one of the RSAC 2026 Conference, are being pitched as a response to a threat landscape where AI systems are increasingly software entities that can take actions, access data and operate with elevated privileges. CrowdStrike argues that the shift creates a new governance and runtime security problem that older security controls were never built to handle.
Underpinning the announcements is a strategy that treats the endpoint as the control plane for AI security. CrowdStrike believes that because AI actions often ultimately execute on a device, the endpoint is the best place to observe behavior, enforce policy and stop malicious or risky activity in real time.
To support its vision, CrowdStrike is offering EDR AI Runtime Protection, a capability that is designed to give security teams runtime visibility into how AI applications and agents behave on a system by tracking commands, scripts, file activity and network connections. The service allows defenders to trace suspicious behavior back to the originating process and isolate the affected endpoint before the activity spreads.
CrowdStrike is also adding Shadow AI Discovery for Endpoint, a service designed to automatically identify AI applications, agents, large language model runtimes, Model Context Protocol servers and development tools running across devices. The service allows security teams to assess not just what AI is deployed, but also the potential blast radius of a compromise.
Another new service, AIDR for Desktop, extends CrowdStrike’s prompt-layer protections to desktop AI applications. The coverage includes support for major AI tools such as ChatGPT, Gemini, Claude, DeepSeek, Microsoft Copilot, O365 Copilot, GitHub Copilot and Cursor.
CrowdStrike is also pushing security beyond the endpoint into software-as-a-service and cloud services, where AI agents are increasingly being deployed with access to business data and workflows.
New features, including Shadow SaaS and AI Agent Discovery, provide visibility into shadow SaaS usage as well as agent activity, permissions and data access across platforms such as Microsoft Copilot, Salesforce Agentforce, ChatGPT Enterprise, OpenAI Enterprise GPT and Nexos.ai.
CrowdStrike is also extending protections to Microsoft’s Copilot ecosystem with AIDR for Copilot Studio Agents. The feature monitors prompts, data interactions and runtime behavior inside Copilot Studio agents to allow organizations to detect prompt injection attacks, policy violations and data leaks as they happen.
For cloud environments, the company is introducing Shadow AI Discovery for Cloud, which identifies ungoverned AI services, risky large language models and MCP connections and sensitive data exposure across infrastructure and application layers. Another new service, called AIDR for Cloud and Kubernetes, brings runtime inspection and enforcement to containerized AI workloads and can surface malicious activity in Kubernetes environments.
AI Data Flow Discovery for Cloud, also new today, offers real-time visibility into how sensitive data moves into and through AI services to help organizations spot exposure quickly and trigger automated responses through security orchestration workflows.
On the SIEM front, CrowdStrike announced an expanded role for Falcon Next-Gen SIEM, particularly for organizations that use Microsoft Defender for Endpoint. Falcon can now ingest and correlate Defender telemetry without requiring additional sensors, which lowers friction for Microsoft-centric customers looking to modernize their security operations centers.
Other SIEM-related announcements are aimed at making SIEM migration less painful, including the ability for native Falcon Onum integration to improve data streaming performance, cut storage costs and reduce ingestion overhead through filtering and in-pipeline detection.
CrowdStrike is also adding third-party indicator management, which lets customers ingest and operationalize external indicators of compromise to enrich detections. A new query translation agent is designed to convert legacy SIEM queries, including Splunk searches, into CrowdStrike Query Language so security teams can preserve existing workflows while reducing retraining and migration headaches.
For CrowdStrike, the overall theme is that AI adoption is creating new control problems across the enterprise and that Falcon can become the place where those problems are managed.
The company is demonstrating its new offerings and enhancements at the RSAC Conference March 23-26.