2 min Security

CrowdStrike buys XM Cyber IP, brings Falcon to STACKIT cloud

CrowdStrike buys XM Cyber IP, brings Falcon to STACKIT cloud

CrowdStrike is deepening its ties with Schwarz Digits. The security vendor will acquire the intellectual property of XM Cyber and roll out its Falcon platform on STACKIT, the German group’s sovereign cloud. The multi-year plan targets European enterprises facing tougher compliance rules.

The two companies announced the expanded partnership earlier this week. At its heart sits a definitive agreement for CrowdStrike to buy XM Cyber’s intellectual property. XM Cyber, a Schwarz Digits company, is known for attack path visualization and offensive simulation technology.

But the deal is narrower than it first appears. According to reporting, CrowdStrike acquires more than 45 patents and proprietary source code, not XM Cyber’s revenue or customers. XM Cyber keeps operating as a standalone business under Schwarz Digits, licensing the IP back from CrowdStrike. The transaction is expected to close in the second half of CrowdStrike’s fiscal year 2027, pending regulatory approval.

Falcon lands on a sovereign cloud

The second pillar is infrastructure. A phased roadmap will deliver the Falcon platform on STACKIT, Schwarz Digits’ sovereign cloud, with data centers in Germany and Austria. Existing XM Cyber customers will be able to move to Falcon over time through Falcon Flex.

CrowdStrike has been steadily widening Falcon. The company last year added network vulnerability assessment to its exposure management line, and turned the endpoint into a hub for AI security. Falcon Exposure Management prioritizes findings based on real-world exploitability rather than raw CVE counts.

Timing meets regulation

CrowdStrike’s expanded offering will be a welcome addition to sovereignty-minded customers looking for high-tier security options.

Regulations such as NIS2 and the EU Cyber Resilience Act are pushing the demand for alternatives to US hypersclaers like STACKIT. That market has moved from concept to operational reality, driven by compliance needs and data jurisdiction concerns.

“European organizations should not have to compromise on cybersecurity for sovereignty,” said Christian Müller, CEO of Schwarz Digits.