SAN FRANCISCO, CA — On the same stage where Perplexity CEO Aravind Srinivas declared "AI is the computer" at Ask 2026, CrowdStrike and Perplexity announced a strategic partnership that directly addresses the security problem Srinivas's vision creates: who guards the AI doing the work?
The collaboration integrates the CrowdStrike Falcon security platform directly into Comet Enterprise — Perplexity's AI-native browser — creating a specialized defense layer for employees working alongside autonomous AI agents. For CrowdStrike, it also marks the first major public deployment of technology from its $420 million acquisition of Seraphic Security in January 2026.
The New Front Door of the Enterprise
As enterprises shift from static web browsing to "agentic" workflows — where AI browsers like Comet autonomously research, draft, and execute multi-step tasks — the security attack surface has fundamentally changed. The browser is no longer a passive display layer. It is an active execution environment with access to internal systems, credentials, and sensitive data.
This creates two distinct threat categories that traditional endpoint detection was not built to handle: data exfiltration via AI (employees or rogue agents pasting sensitive data into LLMs), and "shadow AI" usage(unsanctioned AI tools running undetected inside corporate networks). The CrowdStrike-Perplexity partnership targets both simultaneously.
Falcon Inside Comet: What It Does
Enterprise administrators can now opt in to Falcon-powered monitoring within the Comet browser. The integration operates at the browser runtime level, meaning security policies are enforced inside the execution context — not at the network perimeter. Key capabilities include:
| Capability | What It Prevents |
|---|---|
| Real-time web threat detection | Malicious scripts, phishing pages, and drive-by attacks within the browser session |
| Data loss prevention (DLP) | Employees or agents pasting sensitive code, credentials, or PII into external LLMs |
| Shadow AI enforcement | Unsanctioned AI tools running inside corporate Comet sessions without admin approval |
| Session monitoring | Full audit trail of agentic task execution — who authorized what, and when |
| Policy-based controls | Admins can restrict which LLMs, tools, and external services Comet agents can reach |
The Seraphic Factor: A $420M Bet Goes Live
The technical core of this partnership is Seraphic Security, an enterprise browser security company CrowdStrike acquired for $420 million in January 2026. At the time of the acquisition, analysts questioned the price tag relative to Seraphic's revenue and market share. The Ask 2026 announcement provides the clearest signal yet of why CrowdStrike paid it.
Seraphic's core technology — what CrowdStrike internally refers to as its "secret sauce" — works by randomizing a browser's JavaScript engine at runtime. This technique defeats an entire class of browser-based attacks that rely on predictable memory layouts and JavaScript execution patterns:
How JavaScript Engine Randomization Works
Traditional browser attacks — including session hijacking, credential theft, and man-in-the-browser (MitB) attacks — rely on the attacker knowing how the browser's JavaScript engine will behave at a memory level. They exploit predictable object layouts, function pointer locations, and garbage collection patterns.
Seraphic's approach re-randomizes these internal structures each time the browser session initializes, meaning any exploit payload crafted against a known engine layout will silently fail. The technique is particularly effective against zero-day attacks, where the vulnerability exists but a specific exploit has not yet been publicly catalogued — and therefore cannot be patched or signature-detected.
Why This Partnership Makes Sense Now
The timing is not accidental. Perplexity's Personal Computer announcement at the same conference extends Comet from a browser into a 24/7 autonomous agent that accesses files, apps, and external services continuously — even while the user is away. The security implications of a browser that never sleeps require a security layer that never sleeps either.
CrowdStrike, for its part, has been building toward browser-native security since acquiring Seraphic. Comet Enterprise provides the ideal deployment vehicle: a managed, enterprise-grade AI browser where every session is already instrumented, logged, and running under admin control — a far cleaner integration surface than trying to retrofit Seraphic into a general-purpose consumer browser like Chrome or Edge.
Partnership at a Glance
| Detail | Summary |
|---|---|
| Announced | March 11, 2026 — Ask 2026 developer conference, San Francisco |
| Parties | CrowdStrike (Falcon / Seraphic) + Perplexity (Comet Enterprise) |
| Integration Layer | Falcon monitoring embedded inside Comet browser runtime |
| Seraphic Technology | JS engine randomization — stops session hijacking & MitB attacks |
| Seraphic Acquisition | $420 million — January 2026 |
| Availability | Opt-in for Comet Enterprise admins — rollout timeline TBA |
| Target Customer | Enterprises deploying agentic AI workflows at scale |
| Key Threats Addressed | Data exfiltration, shadow AI, session hijacking, man-in-the-browser |