Cisco has announced its intent to acquire Astrix Security Ltd., a company specializing in Non-Human Identity security, as enterprises face growing risks from the rapid deployment of AI agents. The acquisition addresses a critical gap in enterprise security as automated AI agents increasingly access data, make decisions, and execute tasks at machine speed using non-human credentials such as API keys, service accounts, and OAuth tokens.
The security challenge stems from the fundamental difference between human and machine identities. While human users authenticate through traditional methods, AI agents rely on programmatic credentials to connect to enterprise systems. If threat actors compromise these credentials, they can execute malicious actions at scale with minimal detection. According to Cisco's AI Readiness Index, only 24% of organizations currently have adequate guardrails to control AI agent actions safely, leaving a significant portion of enterprises vulnerable to AI-driven attacks.
Astrix Security brings five years of specialized expertise in protecting machine-to-machine credentials. The acquisition will integrate four core capabilities into Cisco's security portfolio: discovery and governance to map AI agent activity and prevent compliance violations; lifecycle management for provisioning through decommissioning; automated threat detection to identify compromised credentials and block unauthorized actions; and centralized secrets management for protecting sensitive keys and tokens across cloud environments.
Cisco plans to incorporate Astrix's technology into Cisco Identity Intelligence, extending new NHI features into Cisco Secure Access and Duo Identity and Access Management. This integration will enable organizations to authenticate and authorize non-human identities under a Zero Trust framework, applying the same security scrutiny to AI agents as human employees. The combined intelligence can feed into Splunk or other SIEM tools, providing security operations centers with unified visibility into agent behavior for real-time threat investigation.
The acquisition represents a strategic move in Cisco's broader effort to secure AI-era infrastructure, building on recent initiatives including Project Glasswing, Live Protect, and the Galileo acquisition. Organizations deploying AI agents should prioritize implementing comprehensive NHI security controls, including credential discovery, continuous monitoring, and automated threat response capabilities to safely scale automation while maintaining security posture.
Source: https://cybersecuritynews.com/cisco-acquire-astrix-security/