CrowdStrike announced on September 16, 2025, at its Fal.Con event in Las Vegas that it has signed a definitive agreement to acquire Pangea, an AI security provider. The deal is designed to extend CrowdStrike’s Falcon platform and deliver what the company described as the industry’s first AI Detection and Response (AIDR) system, aimed at securing data, models, agents, identities, infrastructure, and interactions throughout the AI lifecycle. The move comes as enterprises accelerate AI adoption and face new risks from adversarial attacks on prompts, agents, and applications.
The acquisition underscores how cybersecurity companies are racing to redefine protection strategies for AI-driven environments. CrowdStrike positioned this move as the next evolution after Endpoint Detection and Response (EDR), applying its playbook for endpoint security to the emerging world of enterprise AI.
Securing every layer of AI usage
According to the announcement, CrowdStrike will integrate Pangea’s capabilities into its Falcon platform to extend security beyond traditional infrastructure and endpoint protection. While Falcon already safeguards AI environments and prevents data leakage from cloud workloads, Pangea adds coverage for the interaction layer where AI is built and used within enterprises.
George Kurtz, CrowdStrike co-founder and chief executive officer, said the acquisition would help organizations manage risk as AI adoption accelerates. He noted that “each prompt becomes an entry point for the adversary,” and emphasized that AIDR would enforce safeguards to maintain compliance and security across AI deployments.
Pangea’s specialized protections
Pangea brings several targeted defenses, including:
- Prompt-injection defense: Protects AI systems from malicious prompts and jailbreak attempts that try to bypass safeguards, with CrowdStrike claiming up to 99% effectiveness and near real-time response.
- Governance controls: Gives organizations oversight of how AI tools are used, with policies to monitor conversations, flag risky activity, and enforce compliance.
- Secure-by-design development: Provides frameworks and guardrails so developers can embed security into AI applications from the ground up, rather than adding it after deployment.
Oliver Friedrichs, Pangea’s chief executive officer and founder, said the company was founded to make AI adoption safe and secure, and that joining CrowdStrike would help realize that vision globally.
AI security in a shifting landscape
CrowdStrike’s announcement reflects a broader cybersecurity industry push to address the expanding attack surface created by AI adoption. As organizations deploy generative AI tools for both employees and customer-facing applications, attackers are increasingly probing weaknesses in prompts, data handling, and model integrity.
The acquisition also signals a consolidation trend, where established security vendors absorb specialized AI security firms to stay ahead of evolving threats. Pangea’s integration into Falcon will position CrowdStrike alongside peers that are building or acquiring AI-native defenses.
