Cisco Agentic Security expands with Astrix Deal

Cisco Agentic Security expands with Astrix Deal

The rise of agentic AI is creating a new class of enterprise coworkers that operate at machine speed, but the security infrastructure to manage them is lagging. Cisco recently announced its intent to acquire Astrix Security Ltd., a pioneer in Non-Human Identity security, to bridge the widening gap between AI productivity and organizational safety. This blog overviews the Cisco acquisition of Astrix Security and offers our analysis.

Why did Cisco announce the acquisition of Astrix Security?

Cisco is moving to address a critical vulnerability in the modern digital enterprise: the explosion of AI agents that access data and take actions autonomously. As organizations adopt frontier models, they are finding that traditional security models cannot keep pace with the planning and execution capabilities of these new tools. Astrix Security specializes in protecting the identities and credentials—such as API keys, OAuth tokens, and service accounts—that power these automated systems. By integrating Astrix, Cisco aims to provide the discovery, governance, and threat detection necessary to manage the lifecycle of non-human identities.

Analysis

This acquisition signals a fundamental shift in how enterprise security must be architected for the age of autonomous agents. The industry is moving beyond human-centric security toward a reality where non-human coworkers represent the primary attack surface. Cisco’s move to buy Astrix is not just a tactical addition to its portfolio but a strategic necessity to remain relevant in a market dominated by machine-to-machine interactions. This news means that the legacy focus on user logins and passwords is no longer sufficient; the new battleground is the identity layer of the automated supply chain.

The timing of this deal is notable, occurring as Cisco participates in initiatives like Project Glasswing to harden defenses against high-impact, AI-accelerated risks. By combining non-human identity focus with the recent acquisition of Galileo for AI observability and the data processing power of Splunk, Cisco is attempting to build a comprehensive AI control plane. This strategy indicates that for a vendor to win in the enterprise AI market, they must provide more than just connectivity; they must provide a verifiable, observable, and secure environment for autonomous agents to function. For the broader market, this move sets a high bar, suggesting that point solutions for AI security will soon be absorbed into massive, end-to-end security platforms.

What should enterprises do about this news?

Enterprises currently racing to deploy agentic AI should evaluate their existing identity and access management frameworks to see if they can account for non-human actors. You should consider its implications on your technology stack, specifically how you authorize and monitor the actions of third-party AI agents. Note that there are many other options coming on line in the Agentic Identity and Security market.

Astrix might be an option to look at now, along with others such as Britive. It is important to watch the integration of Astrix into Cisco Identity Intelligence and Duo, as this will likely be the primary mechanism for establishing zero-trust guardrails for automated workflows. We recommend that security teams prioritize the discovery of shadow agents—automated tools currently working within their networks without formal oversight.

Bottom Line

The acquisition of Astrix Security by Cisco highlights the urgent need to secure non-human identities as AI agents become core to business operations. Cisco is positioning itself as the critical gatekeeper for the agentic workforce by integrating identity, network visibility, and machine-speed response. Enterprises must move quickly to close the gap between their AI ambitions and their security readiness, shifting focus from protecting people to protecting the automated systems that now act on their behalf.