CrowdStrike has joined the OpenID Foundation as a Sustaining Corporate Member – the highest membership tier — and separately joined IDPro, as part of a push to advance open standards for continuous, risk-aware identity security across the enterprise industry.

The move comes as AI agents and non-human identities (NHIs) become increasingly embedded in enterprise environments, exposing the limitations of legacy identity models built on static policies and standing privileges. CrowdStrike argues that dynamic, real-time security signals are now required to make access decisions as threat conditions change — rather than relying on one-time authentication.

Open Standards for Real-Time Enforcement

Through its participation in OpenID Foundation working groups, CrowdStrike will contribute to advancing the Shared Signals Framework (SSF) and Continuous Access Evaluation Profile (CAEP) — standards designed to allow real-time security signals to flow across identity providers, SaaS platforms, cloud services and security tools, enabling continuous adaptation of access enforcement as threats evolve.

The company is combining this standards work with its acquisition of SGNL, whose runtime access enforcement layer feeds into Falcon Next-Gen Identity Security — a platform that evaluates identity and threat signals continuously to dynamically grant, deny or revoke access across human, non-human and AI agent identities.

“Identity is the front line of modern attacks, and static identity frameworks can’t stop AI-driven threats. CrowdStrike is making those signals the foundation for Next-Gen Identity Security across the industry.” — Elia Zaitsev, Chief Technology Officer, CrowdStrike

Industry Backing

The OpenID Foundation’s executive director, Gail Hodges, described CrowdStrike’s participation as sending a clear signal to the industry: that open identity standards are “not optional but a foundational requirement for effective, real-time defence” in the age of AI-accelerated attacks. IDPro board chair Joni Brennan similarly welcomed the collaboration, citing CrowdStrike’s standing as a respected voice in the cybersecurity community.