SGNL

SGNL was acquired by CrowdStrike for $740 million in January 2026, bolting real-time access revocation capabilities onto CrowdStrike's identity protection platform. The acquisition targets the specific gap the Stryker MDM wipe exposed: an attacker with a legitimate MDM admin credential can execute mass device wipes because standard session controls do not interrupt an authenticated admin action. SGNL's session-revocation approach enables just-in-time access grants that expire automatically, so a stolen credential cannot be used after the legitimate session ends.

SGNL was founded in 2021 by Scott Kriz and Eric Olden, veterans of identity and access management businesses. Its core product provides dynamic access control policies that tie permissions to specific work tasks rather than standing role assignments; when a task ends, the permission revokes automatically. This model is the architectural counterpart to the Conditional Access policies that MDM deployments typically rely on but which, in Stryker's case, did not prevent the wipe.

For CrowdStrike, the SGNL acquisition extends its Falcon platform into privileged identity governance at the MDM and Cloud-control-plane layer. Against the backdrop of Stryker and the wider identity-as-attack-surface thesis, the $740m price tag reflects the market's valuation of real-time revocation as a distinct capability category.