Cisco has announced its intent to acquire Astrix Security, a startup focused on securing AI agents and non-human identities (NHIs), for an undisclosed sum. The deal underscores the networking giant's push to address one of the most pressing security blind spots in modern IT environments: the proliferation of machine identities that far outnumber human users.

Astrix Security, founded five years ago, built a platform specifically designed to discover, manage, and protect AI agents and NHIs such as API keys, service accounts, and OAuth tokens. These credentials are increasingly being used—and abused—by AI agents to gain access and execute actions at scale. The acquisition is part of Cisco's broader strategy to embed security into the fabric of agentic AI deployments.

According to Peter Bailey, senior vice president and general manager of Cisco's security business, the integration of Astrix technology will bring deep capabilities to discover and secure every AI agent and NHI, including those with excessive privileges and those facing real-time threats. This, he says, will enable organizations to adopt AI securely and at scale.

The Growing Challenge of Non-Human Identities

Non-human identities now outnumber human identities by a ratio of 100 to 1, according to industry estimates. Yet most security tools still focus primarily on human users. This leaves a massive gap in visibility and control. AI agents accelerate this problem because they often operate autonomously, using machine credentials to interact with systems, APIs, and data stores. If compromised, these agents can cause rapid, widespread damage that traditional security controls may not detect.

Cisco's AI Readiness Index indicates that only 24% of organizations can adequately control agent actions with proper guardrails and live monitoring. Just 31% feel fully capable of securing their agentic AI systems. The acquisition of Astrix is a direct response to this readiness gap.

What Astrix Brings to the Table

Astrix's platform offers a real-time inventory of all AI agents, MCP servers, and NHIs, contextualizing each identity with risk and business usage. This enables security teams to see exactly what each agent is doing, which permissions it holds, and whether its behavior deviates from expected patterns.

The platform includes three core capabilities:

• Discovery and governance for AI agents: Provides a complete map of organizational agentic activity, enforces policies to resolve hygiene issues, reduces attack surfaces, and prevents compliance violations.
• Agentic access and lifecycle management: Manages AI agents and their NHIs from provisioning through decommissioning, ensuring credentials are rotated and revoked when no longer needed.
• Agentic threat detection and response: Detects and responds to threats such as compromised credentials and out-of-scope agent actions, integrating with existing incident response workflows.

These capabilities are designed to work across cloud, on-premises, and hybrid environments, giving security teams a unified view of agent activity. Astrix also feeds intelligence into Splunk or any SIEM, enabling investigations at machine speed.

Integration with Cisco's Portfolio

Cisco plans to integrate Astrix's technology into multiple products. First, it will be embedded into Cisco Identity Intelligence, which provides a comprehensive view of all identities across the Cisco Security platform. This will give customers deeper visibility and context when managing human and non-human identities together.

Second, the capabilities will extend into Cisco's zero trust access portfolio, including Cisco Secure Access and Duo Identity and Access Management. This means customers will be able to discover, authenticate, and authorize agentic identities as part of their zero trust architecture. They will also be able to detect and respond to threats using the same tools they already use for human-based access.

"Customers will be able to discover, authenticate, and authorize agentic identities, as well as detect and respond when they use Cisco Secure Access as well as Duo," Bailey wrote. "This visibility and intelligence also feeds into Splunk (or any SIEM), giving security teams a unified view of agent activity."

Part of a Broader AI Security Push

The acquisition of Astrix is Cisco's second AI-management-related deal in recent weeks. In April, the company announced plans to acquire Galileo Technologies, an AI observability firm. Galileo provides real-time observability and guardrails for the development of multi-agent systems. That technology will strengthen Cisco's Splunk observability portfolio and bring improved AI agent monitoring capabilities to the development lifecycle.

Taken together, these acquisitions signal that Cisco is betting heavily on the need for specialized tools to manage and secure AI agents throughout their lifecycle—from development to production. The company is positioning its security and observability platforms as the backbone for safe AI adoption in the enterprise.

Astrix's co-founders, Alon Jackson and Idan Gour, noted that agents and other NHIs remain under the radar and create the biggest blind spot in the identity perimeter. They see joining Cisco as a way to bring agentic and NHI security to organizations worldwide. "Astrix became the platform security teams turn to when they need to discover, govern, and protect every agentic and non-human identity across their environment," they wrote. "Joining Cisco means Astrix now has the scale, the reach, and the platform to bring agentic and NHI security to organizations worldwide."

Industry Context and Expert Analysis

The rapid adoption of AI agents across industries has created a new attack surface that many organizations are ill-prepared to defend. Unlike traditional software, AI agents can make autonomous decisions, modify their behavior, and interact with multiple systems in ways that are hard to predict. Securing them requires a shift from static access controls to dynamic, context-aware policies.

Analysts point out that most current identity and access management (IAM) solutions are built for human workflows. They lack the ability to understand machine-to-machine interactions, OAuth token lifetimes, or the subtleties of API-based authentication. Astrix fills that gap by providing a purpose-built security layer for NHIs.

The deal also reflects a broader trend in the cybersecurity industry: major vendors are racing to acquire startups that specialize in AI agent security. As organizations deploy more agentic systems, the ability to monitor, govern, and protect these identities becomes critical. Cisco's move puts it ahead of many competitors in this nascent but fast-growing segment.

What Comes Next

The acquisition is expected to close in the coming months, pending regulatory approvals. Once completed, Cisco will begin integrating Astrix's team and technology into its security business unit. Customers can expect to see the first combined features appear in Cisco Identity Intelligence, Secure Access, and Duo later this year.

For organizations already using Cisco's security portfolio, the addition of Astrix will mean they no longer need a separate tool to manage non-human identities. For those evaluating new security strategies, the acquisition positions Cisco as a one-stop shop for identity security that covers both humans and machines.

As AI agents continue to proliferate, the line between human and machine identity will blur further. Cisco's investment in Astrix suggests the company believes that securing that new hybrid identity landscape is not just an add-on but a core requirement of modern enterprise security. The ability to discover, monitor, and protect every agent and credential at scale will likely become table stakes in the next generation of cybersecurity platforms.

Source: Network World News