Cisco has announced its intention to acquire Astrix Security, a startup specializing in securing AI agents and non-human identities (NHIs), for an undisclosed sum. The move is part of Cisco's broader strategy to fortify its security portfolio against the rapidly expanding threat landscape associated with AI-driven automation and machine-to-machine interactions. Astrix's platform, built over five years, focuses on discovering, managing, and securing the credentials that power modern systems — such as API keys, service accounts, and OAuth tokens — which are increasingly exploited by AI agents to gain unauthorized access and execute tasks at scale.
Peter Bailey, senior vice president and general manager of Cisco's security business, detailed the acquisition in a blog post, emphasizing that Astrix's technology will be integrated into Cisco Identity Intelligence to provide deeper visibility and context across identities. Additionally, the capabilities will extend to Cisco's zero-trust access portfolio, including Cisco Secure Access and Duo Identity and Access Management. This integration aims to enable customers to discover, authenticate, and authorize agentic identities, as well as detect and respond to threats in real time, feeding data into Splunk or any SIEM for unified monitoring.
The acquisition underscores a critical gap in enterprise security: according to Cisco's AI Readiness Index, only 24% of organizations can effectively control agent actions with proper guardrails and live monitoring, and just 31% feel fully capable of securing their agent AI systems. Agents and other NHIs now outnumber human identities by 100 to 1, yet they remain under the radar, creating a significant blind spot in identity perimeters. Astrix co-founders Alon Jackson and Idan Gour noted in a blog that their platform became the go-to solution for security teams needing to discover, govern, and protect every agentic and non-human identity across their environment, from provisioning to decommissioning, with real-time threat detection.
Astrix's capabilities include Discovery and governance for AI agents, which provides a map of the organization's agentic activity, resolves hygiene issues, reduces attack surfaces, and prevents compliance violations. Agentic access and lifecycle management ensures proper provisioning and decommissioning of AI agents and their NHIs. Agentic threat detection and response identifies compromises such as credential theft or out-of-scope agent actions. These features will be crucial as enterprises increasingly adopt agentic technologies — AI agents that can act autonomously, often without human oversight, to perform tasks like data analysis, customer service, and network management.
The challenge of securing AI agents is not new, but it has escalated with the proliferation of generative AI and large language models (LLMs) that can be combined with external tools and APIs. Non-human identities, such as service accounts and API keys, have long been a security concern, but the advent of AI agents has multiplied the attack surface. Astrix's platform addresses this by maintaining a real-time inventory of all AI agents, MCP servers, and NHIs, along with contextual risk assessments and business usage insights. This visibility is essential for security teams to understand which agents are operating, what permissions they have, and whether they are behaving as expected.
Cisco's acquisition of Astrix is the second AI-management-related purchase the company has made in recent weeks. In April, Cisco announced plans to acquire Galileo Technologies, an AI observability firm, to strengthen its Splunk observability portfolio. Galileo's platform provides real-time observability and guardrails for developing multi-agent systems, complementing Astrix's focus on runtime security of agent identities. Together, these acquisitions signal Cisco's commitment to building a comprehensive AI security stack that covers the entire lifecycle of AI agents — from development to deployment to ongoing protection.
The integration of Astrix's technology into Cisco's Identity Intelligence will enhance the platform's ability to provide a unified view of all identities, including machine identities, which have traditionally been less visible than human identities. This is a critical step as organizations move toward zero-trust architectures that require continuous verification of every access request, regardless of whether it comes from a human or a machine. By adding Astrix's capabilities, Cisco aims to close the gap between human and non-human identity management, ensuring that AI agents are subject to the same rigorous security controls as their human counterparts.
Industry analysts have noted that the acquisition addresses a pressing need in the cybersecurity market. The rise of AI agents in enterprise workflows has introduced new risks, such as credential misuse, privilege escalation, and data exfiltration, which traditional identity management tools are not designed to handle. Astrix's approach of treating agentic identities as first-class citizens in the security framework aligns with best practices for modern identity security. The platform's ability to enforce policies across provisioning, decommissioning, and real-time threat detection provides a holistic solution that can adapt to the dynamic nature of agent activities.
Cisco's move also fits into a broader trend of major technology vendors consolidating AI security capabilities. Competitors like Microsoft and Palo Alto Networks have also invested heavily in securing machine identities and AI workloads. By acquiring Astrix, Cisco gains a specialized technology that can be integrated across its security portfolio, potentially giving it a competitive advantage in the enterprise market. The deal is expected to close in the coming months, subject to regulatory approvals, and Cisco has indicated that Astrix's team will join Cisco's security business unit.
For customers, the acquisition promises immediate benefits in terms of visibility and control over AI agents. Organizations that have already deployed AI agents for tasks like customer support, code generation, or network optimization can use Astrix's platform to audit their agent ecosystems and identify potential vulnerabilities. The integration with Cisco Secure Access and Duo will allow security teams to enforce policies at the point of access, reducing the risk of unauthorized agent activity. Additionally, the feed to Splunk will provide security operations centers with a unified view of agent events, enabling faster incident response.
Looking ahead, the acquisition positions Cisco to address the growing demand for agentic AI security as businesses accelerate their AI adoption. The technology is expected to evolve to support more complex multi-agent systems and autonomous workflows, requiring continuous innovation in identity and access management. Cisco's long-term vision appears to be creating a seamless security fabric that protects all digital entities, whether human, machine, or AI agent, across hybrid and multi-cloud environments. The Astrix acquisition is a significant step in that direction, bringing specialized expertise and a proven platform into the Cisco ecosystem.
Source: Network World News