Cisco has announced plans to acquire Astrix Security, a specialist in securing AI agents and non-human identities (NHIs), for an undisclosed sum. The deal, which is expected to close in the coming months, underscores Cisco's commitment to building a comprehensive security framework for the age of agentic AI. Astrix Security, founded five years ago, has developed a platform that discovers, governs, and protects the credentials that power modern systems—including API keys, service accounts, OAuth tokens, and machine-to-machine connections. These are the very credentials that AI agents increasingly rely on to gain access and execute tasks at scale, often with little oversight.

The acquisition is a natural extension of Cisco's existing identity and access management portfolio. Peter Bailey, senior vice president and general manager of Cisco's security business, explained in a blog post that Astrix brings deep capabilities to discover and secure every AI agent and non-human identity, including identifying excessive privileges and real-time threats. This enables organizations to adopt AI securely and at scale. Cisco plans to integrate Astrix's technology into its Cisco Identity Intelligence platform, strengthening visibility and context across all identities within the Cisco Security portfolio. Additionally, the capabilities will be extended into Cisco's zero-trust access solutions, including Cisco Secure Access and Duo Identity and Access Management.

The problem that Astrix addresses is rapidly growing. According to Cisco's AI Readiness Index, only 24% of organizations can control agent actions with proper guardrails and live monitoring, and just 31% feel fully capable of securing their agent AI systems. Astrix co-founders Alon Jackson and Idan Gour noted in a blog that agents and other non-human identities already outnumber humans by 100 to 1, creating the biggest blind spot in the identity perimeter. Most security tools were designed for human identities, leaving machine identities largely unmanaged and vulnerable to exploitation. Astrix fills this gap by providing a real-time inventory of all AI agents, Model Context Protocol (MCP) servers, and NHIs, with rich context to assess risk and business usage.

Astrix's core capabilities

Astrix offers three primary capabilities: discovery and governance for AI agents, agentic access and lifecycle management, and agentic threat detection and response. The discovery and governance module provides a comprehensive map of an organization's agentic activity, including which agents are active, what data they access, and which permissions they hold. It then applies policy to resolve hygiene issues, reduce attack surfaces, and prevent compliance violations. The lifecycle management component handles the full lifecycle of AI agents and their NHIs—from provisioning and authentication to decommissioning. This ensures that agents are only active as long as needed and that their credentials are rotated or revoked promptly.

The threat detection and response capability is perhaps the most critical. Astrix monitors for compromised credentials, out-of-scope agent actions, and other anomalous behavior. When a threat is detected, it can trigger automated responses—for example, revoking an agent's token or isolating it from sensitive resources. These responses can be orchestrated through Cisco Secure Access and Duo, or fed into a SIEM like Splunk, giving security teams a unified view of agent activity with the context needed to investigate and respond at machine speed. Bailey emphasized that this integration will allow customers to discover, authenticate, and authorize agentic identities while also detecting and responding to threats in real time.

Broader context: Cisco's AI security strategy

The Astrix acquisition is the second AI-management-related purchase Cisco has made in recent weeks. In April, Cisco announced plans to acquire Galileo Technologies, an AI observability firm whose platform provides real-time observability and guardrails for developing multi-agent systems. Galileo's technology will strengthen Cisco's Splunk observability portfolio, bringing improved AI agent monitoring capabilities, real-time visibility, and protection to the agent development lifecycle. Together, these acquisitions signal Cisco's ambition to own the entire lifecycle of AI agents—from development and testing to deployment and runtime security.

Industry analysts have noted that the convergence of identity security and AI agent management is a logical step. As organizations deploy AI agents to automate tasks, the number of non-human identities explodes. These identities often have broad privileges and are not subject to the same authentication and access controls as human users. This creates an attractive attack surface for cybercriminals. By acquiring Astrix, Cisco gains a tool that can discover every NHI, assess its risk, and enforce least-privilege access. Moreover, because Astrix integrates with existing identity providers and SIEMs, it can be deployed quickly without requiring a complete overhaul of an organization's security architecture.

The challenge of securing agentic AI

The rise of agentic AI—autonomous systems that can plan, reason, and execute tasks with minimal human intervention—poses unique security challenges. Unlike traditional software bots, AI agents can dynamically generate new credentials, interact with external services, and modify their own behavior based on real-time feedback. This makes them difficult to monitor using traditional security tools. Astrix addresses this by providing a continuous inventory of all agents and their identities, coupled with behavioral analytics that can detect deviations from expected patterns.

For example, an AI agent authorized to read customer data might suddenly attempt to write to a production database. Astrix would flag this as an out-of-scope action and could automatically revoke the agent's credentials. Similarly, if an agent's API key is leaked in a public repository, Astrix can detect the exposure and trigger a remediation workflow. These capabilities are becoming essential as more enterprises move toward autonomous operations. A recent survey from Cisco found that 78% of IT decision-makers plan to deploy AI agents in production within the next 18 months, yet only 29% have a strategy for managing non-human identities.

Astrix's platform also integrates with existing governance frameworks. It can feed data into compliance dashboards and audit logs, helping organizations meet regulatory requirements such as SOC 2, ISO 27001, and GDPR. The platform supports multi-cloud environments, including AWS, Azure, and Google Cloud, as well as on-premises deployments. This flexibility is important for enterprises that operate hybrid infrastructures.

What the acquisition means for Cisco customers

For existing Cisco customers, the acquisition promises to simplify the management of AI agents by unifying identity security across human and non-human entities. Cisco Identity Intelligence will gain the ability to discover and govern NHIs, while Cisco Secure Access and Duo will enforce access policies based on agent identity and context. Customers using Splunk will benefit from pre-built dashboards and alerts that correlate agent activity with other security events. Bailey noted that the integration will be seamless, with Astrix capabilities appearing in the Cisco Security Cloud within months of deal closure.

Astrix's co-founders expressed excitement about joining Cisco, stating that the combination of Cisco's scale and platform will allow them to bring agentic and NHI security to organizations worldwide. They emphasized that Astrix has already been adopted by several Fortune 500 companies, particularly in finance, healthcare, and technology sectors, where the need to secure machine identities is most acute. The acquisition is expected to close by the end of the current quarter, subject to regulatory approvals.

In summary, Cisco's acquisition of Astrix Security marks a significant step toward addressing one of the most pressing security challenges of the AI era. By bringing visibility, governance, and threat detection to non-human identities, Cisco is helping enterprises harness the power of AI agents without exposing themselves to undue risk. The move also positions Cisco as a leader in the emerging field of agentic AI security, a market that analysts predict will grow rapidly over the next five years. With the addition of Astrix, Cisco now has a comprehensive suite of tools to manage the identity lifecycle of both humans and machines, from development to runtime.

Source: Network World News