Cisco Moves to Acquire Astrix Security to Address Rising Non-Human Identity Risks

Cisco has announced its intent to acquire Astrix Security, a cybersecurity startup focused on securing non-human identities (NHIs), as organizations face increasing risks from AI agents and automated systems.

The acquisition is aimed at tackling a rapidly expanding attack surface created by machine identities such as API keys, service accounts, and OAuth tokens—credentials widely used by applications and AI-driven agents. These non-human identities often operate with broad permissions and limited oversight, making them a critical vulnerability in modern enterprise environments.

Astrix Security’s platform is designed to provide visibility into these identities, enabling organizations to discover, monitor, and govern AI agents and automated processes. It also helps detect excessive privileges, compromised credentials, and anomalous behavior in real time, allowing for faster response and remediation.

Cisco plans to integrate Astrix’s capabilities into its broader security ecosystem, including identity intelligence, zero-trust access solutions, and identity and access management tools. This integration is expected to enhance Cisco’s ability to secure AI-driven environments by combining identity-level visibility with network, application, and infrastructure insights.

The move reflects a broader industry shift toward identity-centric security, especially as AI adoption accelerates. With AI agents increasingly acting autonomously within enterprise systems, traditional security models—designed primarily for human users—are proving insufficient. Analysts note that non-human identities already outnumber human users in many organizations, further amplifying the risk.

While financial terms were not officially disclosed, reports suggest the deal could be valued at around $300–$400 million.

This acquisition highlights Cisco’s strategic focus on securing the “agentic workforce,” positioning itself to address emerging threats in AI-driven ecosystems and reinforcing the importance of managing machine identities as a core pillar of cybersecurity.

- Advertisement -