DataCenterNews Asia Pacific - Specialist news for cloud & data center decision-makers
Asia

Guides

#
disaster recovery
#
multi-cloud
#
power / energy
#
software defined wide area network
#
storage

Search

Secure cloud digital shield ai oversight saas applications network connections
#
Cloud Security
#
AI Security
#
Risk & Compliance

CrowdStrike & OpenAI enhance SaaS security with AI agent oversight

Yesterday
Author image
By Melvin Hipolito, Editor

CrowdStrike has announced a new integration with OpenAI aimed at improving security and governance for AI agents used throughout the software-as-a-service (SaaS) landscape.

The company's Falcon Shield product now features integration with the OpenAI ChatGPT Enterprise Compliance API, providing the ability to discover and manage both GPT and Codex agents created within OpenAI's ChatGPT Enterprise environment. This expansion supports more than 175 SaaS applications, addressing the increasing use of agentic AI in business operations.

AI and the expanding attack surface

As enterprises leverage AI agents to automate workflows and increase efficiency, the number of such agents is rising rapidly. CrowdStrike highlighted that while these agents deliver operational benefits, they also introduce new security challenges. Organisations may struggle to monitor agent activities, understand the data and systems these agents can access, and determine who is responsible for creating or controlling them.

Autonomous AI agents frequently operate with non-human identities and persistent privileges. If a human identity associated with such an agent is compromised, there is potential for adversaries to use the agent to exfiltrate data, manipulate systems, or move across key business applications undetected. The proliferation of these agents increases the attack surface and can significantly amplify the impact of a security incident.

Enhanced visibility and governance

Falcon Shield's new capabilities are intended to help organisations address these risks by mapping each AI agent to its human creator, identifying risky behaviour, and aiding real-time policy enforcement. When combined with the company's Falcon Identity Protection, CrowdStrike's platform aims for unified visibility and protection for both human and non-human identities.

"AI agents are emerging as superhuman identities, with the ability to access systems, trigger workflows, and operate at machine speed," said Elia Zaitsev, chief technology officer, CrowdStrike. "As these agents multiply across SaaS environments, they're reshaping the enterprise attack surface, and are only as secure as the human identities behind them. Falcon Shield and Falcon Identity Protection help secure this new layer of identity to prevent exploitation."

Key features of the Falcon Shield integration include the discovery of embedded AI tools such as GPTs and Codex agents across various platforms, including ChatGPT Enterprise, Microsoft 365, Snowflake, and Salesforce. This is designed to give security teams increased visibility into AI agent proliferation within an organisation's digital environment.

Accountability and threat containment

The integration links each AI agent to its respective human creator. According to CrowdStrike, this supports greater accountability and enables organisations to trace access and manage privileges using contextual information. Falcon Identity Protection works alongside these capabilities to further secure human identities associated with AI agent activity.

CrowdStrike stated that the system is capable of analysing identity, application, and data context to flag risks such as overprivileged agents, GPTs with sensitive abilities, and any unusual activity. Threats can be contained automatically using Falcon Fusion, the company's no-code security orchestration, automation, and response (SOAR) engine, which can block risky access, disable compromised agents, and trigger response workflows as required.

Unified protection approach

The product suite combines Falcon Shield, Falcon Identity Protection, and Falcon Cloud Security to provide what the company describes as end-to-end visibility and control over AI agent activity, tracking actions from the person who created an agent to the cloud systems it is able to access.

Organisations using agentic AI in their operations are being encouraged to consider tools and approaches that not only monitor the agents themselves but also strengthen oversight of the human identities behind these digital entities.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Drowning in data, starving for insights: Amperity experts reveal customer data challenges
Varonis unveils cloud-native solution for database security
System administrators drive Asia’s AI success amidst rapid change
Malaysia’s data centre sector set for rapid growth to 2030
Adeptia posts double-digit growth as AI data automation expands

Top stories

Alibaba Cloud named leader in Forrester Wave serverless report
CrowdStrike unveils AI-driven updates to Falcon threat intelligence
Hitachi Vantara launches VSP One SDS on Google Cloud Marketplace
Nasuni unveils dashboards for analytics & operational insights
DayOne starts AI-ready, 20MW green data centre build in Singapore