Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks

Cisco on Monday announced its intent to acquire Astrix Security, a startup focused on securing non-human identities (NHIs) such as API keys, service accounts, and OAuth tokens increasingly used by applications and AI agents. In a blog post, Cisco said the acquisition is aimed at extending zero trust principles to the emerging “agentic workforce,” where AI agents and machine identities are rapidly expanding the enterprise attack surface. Astrix’s technology is designed to help organizations discover, govern, and secure these identities, including detecting excessive privileges and real-time threats.  Astrix provides visibility into non-human identities and the activity of AI-driven agents, along with lifecycle management and automated detection and remediation of over-privileged, unnecessary, or malicious access — including compromised credentials and rogue agent behavior. Cisco plans to integrate these capabilities into its broader security platform, including identity intelligence, secure access, and Duo IAM. The move reflects growing industry concern over risks tied to autonomous AI agents and machine-to-machine access. Analysts and reports have highlighted rising urgency among enterprises to secure non-human identities as AI adoption accelerates.  While Cisco did not disclose financial terms, Calcalist reports the deal to be valued at roughly $400 million. The company raised $45 million in a Series B round in late 2024. Learn More at the AI Risk Summit at the Ritz-Carlton, Half Moon Bay Related: Anthropic Unveils ‘Claude Mythos’ – A Breakthrough That Could Also Supercharge Attacks Related: The Mythos Moment: Enterprises Must Fight Agents with Agents Related: Claude Mythos Finds 271 Firefox Vulnerabilities Related: OpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos Reveal WRITTEN BY Mike Lennon For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world. More from Mike Lennon Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks Senate Confirms Joshua Rudd to Lead NSA and US Cyber Command US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies Zscaler Acquires Browser Security Firm SquareX  CrowdStrike to Acquire Browser Security Firm Seraphic for $420 Million Tim Kosiba Named NSA Deputy Director CrowdStrike to Buy Identity Security Firm SGNL for $740 Million in Cash Palo Alto Networks, Google Cloud Strike Multibillion-Dollar AI and Cloud Security Deal Latest News Critical Remote Code Execution Vulnerability Patched in Android Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server Karakurt Ransomware Negotiator Sentenced to Prison MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities Trellix Source Code Repository Breached Cybersecurity M&A Roundup: 33 Deals Announced in April 2026 DigiCert Revokes Certificates After Support Portal Hack Trending Webinar: ROSI For CPS Security Programs May 13, 2026 In cyber-physical systems (CPS), just one hour of downtime can outweigh an entire annual security budget. Learn how to master the Return on Security Investment (ROSI) to align security goals with the bottom-line priorities. Register Virtual Event: Threat Detection And Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the Move Jacki Monson has joined CVS Health as SVP, Deputy CISO. Gigi Schumm has been promoted to Chief Revenue Officer at Securonix. Chris Sistrunk has been promoted to Practice Leader for Mandiant's OT Security Consulting. More People On The Move Expert Insights The Mythos Moment: Enterprises Must Fight Agents With Agents Only with the right platform and an agentic, AI-driven defense, will enterprises be able to protect themselves in the agentic era. (Etay Maor) Why Cybersecurity Must Rethink Defense In The Age Of Autonomous Agents From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase. (Torsten George) Government Can’t Win The Cyber War Without The Private Sector Securing national resilience now depends on faster, deeper partnerships with the private sector. (Steve Durbin) The Hidden ROI Of Visibility: Better Decisions, Better Behavior, Better Security Beyond monitoring and compliance, visibility acts as a powerful deterrent, shaping user behavior, improving collaboration, and enabling more accurate, data-driven security decisions. (Joshua Goldfarb) The New Rules Of Engagement: Matching Agentic Attack Speed The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. (Nadir Izrael) Flipboard Reddit Whatsapp Email