Abstract image representing cybersecurity

Cisco Acquiring Astrix Security to Extend Zero Trust to the Agentic Workforce

Cisco announced its intent to acquire Astrix Security, a Tel Aviv-based company specializing in Non-Human Identity (NHI) security. The acquisition targets the growing, largely underserved segment of enterprise security focused on governance, visibility, and threat detection for non-human identities, including API keys, service accounts, OAuth tokens, and AI agents. 

As agentic AI deployments scale across enterprise environments, NHIs have emerged as a primary attack surface that traditional IAM tools don’t always adequately protect.

Cisco plans to integrate Astrix’s capabilities into its broader security platform, including Cisco Identity Intelligence, Cisco Secure Access, Duo, and Splunk.

The acquisition extends Cisco’s Zero Trust architecture to cover agentic workloads.

Who Is Astrix Security

Astrix Security was founded in Tel Aviv in 2021 by Alon Jackson (CEO) and Idan Gour (CTO), both veterans of Israel’s Unit 8200, an elite military intelligence and cyber operations unit. The company launched commercially in 2022 and raised $85 million across three funding rounds, including a $45 million Series B in late 2024, led by Menlo Ventures through its Anthology Fund, a $100 million initiative backed by Anthropic. Additional investors include Bessemer Venture Partners, CRV, Workday Ventures, and F2 Venture Capital.

Astrix provides the following capabilities:

  • NHI discovery scope: Astrix maps API keys, service accounts, OAuth tokens, and AI agents across SaaS, IaaS, and PaaS environments, including shadow agents provisioned without security team involvement.
  • Lifecycle management: The platform manages NHIs from provisioning through decommissioning, addressing the accumulated-privilege problem that plagues long-running service accounts and integrations.
  • Agentic threat detection: Real-time behavioral monitoring flags compromised credentials and out-of-scope agent actions, extending ITDR coverage to non-human entities.
  • Secrets management: Centralized secrets management across vaults and cloud environments reduces the fragmentation that creates credential blind spots in complex deployments.

The  platform operates agentlessly, enabling security teams to deploy without modifying the environments under governance.

Acquisition Rationale

Cisco’s acquisition of Astrix directly addresses a gap in its existing security portfolio. Cisco has been assembling a comprehensive AI security stack:

  • AI Defense for protecting internally built models and agents
  • Cisco Secure Access and Duo for agentic identity discovery and access enforcement
  • Splunk for SOC automation and security event correlation.

What the portfolio lacks is a purpose-built capability for NHI lifecycle management and agentic identity governance, a function that becomes increasingly critical as AI agents proliferate across enterprise systems.

Several strategic factors reinforce the acquisition logic beyond the immediate product gap:

  • Platform integration depth: Astrix’s capabilities map directly to four Cisco security products (Identity Intelligence, Secure Access, Duo, and Splunk), enabling a coherent integration roadmap rather than a standalone product addition.
  • Cross-layer visibility advantage: Cisco’s existing visibility across identity, network, application, and infrastructure layers provides a context plane that makes Astrix’s NHI governance materially more actionable. Behavioral anomalies detected by Astrix can be correlated with the network and application telemetry Cisco already collects.
  • Agentic AI timing: Enterprise AI agent deployments are moving from pilot to production at an increasing pace. Cisco is positioning Astrix as a foundational component of its agentic security offering ahead of that transition, not in response to it.
  • Category ownership: Acquiring the company that defined the NHI security category gives Cisco a claim to that market’s growth trajectory, rather than competing against an entrenched specialist later.

The acquisition also extends Cisco’s Project Glasswing initiative, which aims to harden Cisco’s products and partner ecosystem against AI-accelerated threats. Astrix’s research capabilities and threat intelligence add depth to Cisco’s internal security hardening work.

Analysis

The acquisition reinforces Cisco’s positioning as a full-stack AI security vendor. Cisco now covers the AI security lifecycle, from model protection and agent access enforcement to NHI governance and SOC response via Splunk. This end-to-end coverage gives Cisco a clear differentiation over point-solution vendors and competitors whose AI security portfolios remain fragmented across disparate products.

The acquisition extends Cisco’s Zero Trust architecture to govern AI agents as a new class of enterprise identity. This framing positions Cisco ahead of identity governance vendors that have yet to build dedicated NHI capabilities and ahead of IAM specialists whose architectures were designed for human-centric access models.

Impact on IT & Security Practitioners

Security teams managing large-scale cloud environments face a real and growing NHI governance problem. AI agent deployments exacerbate it as employees connect AI tools to corporate systems without formal provisioning, agents accumulate broad permissions that persist well past their useful scope, and the credentials these agents use receive little to no audit coverage under conventional IAM processes.

Astrix addresses this directly by providing continuous inventory, privilege assessment, and real-time threat detection for NHIs.

For organizations already running Cisco Secure Access, Duo, or Splunk, Astrix integration will extend those platforms’ coverage to NHIs and agentic workloads. Security teams should expect Astrix’s capabilities to initially appear as feature additions within existing Cisco dashboards (rather than as a separate product deployment).

The agentless architecture reduces deployment friction, though the practical scope of full NHI discovery across complex multi-cloud environments requires configuration work that teams should plan for.

Competitive Landscape

The NHI security market is still in its early stages but no longer empty. Competitors include companies like Oasis Security and Clutch Security.

Beyond dedicated NHI specialists, the market faces adjacent competition from identity platform vendors expanding their coverage, cloud security posture management vendors integrating NHI discovery into broader CSPM toolsets, and secret management platforms expanding into governance.

Cisco’s acquisition of Astrix consolidates the category leader into a major platform vendor, which creates both competitive pressure and a market validation signal:

  • For dedicated NHI startups: Cisco’s move signals that enterprise buyers will increasingly expect NHI governance as a standard feature of their existing security platforms, thereby compressing the addressable market for standalone NHI products.
  • For identity platform vendors: Okta, CyberArk, and SailPoint face mounting pressure to add NHI coverage as Cisco integrates Astrix into Duo and Identity Intelligence. CyberArk has taken steps in this direction; others have more ground to cover.
  • For SentinelOne and Palo Alto Networks: Both competitors operate broad AI security strategies. Neither has announced an equivalent NHI acquisition, creating a coverage gap that Cisco will move to exploit in competitive deals.
  • For enterprise buyers: The integration path offers Cisco customers a lower-friction route to NHI governance than deploying a standalone vendor, though buyers with existing investments in competing identity platforms will need to weigh integration complexity against the convenience argument.

Final Thoughts

Cisco’s acquisition of Astrix Security fills a specific and consequential gap in enterprise AI security. Non-human identities have grown faster than the governance frameworks designed to manage them, and the arrival of AI agents at scale makes this gap all the more urgent.

Astrix built the leading platform in a category it helped define, with a mature product, zero reported customer churn, and a customer list that spans major enterprises across multiple verticals. Cisco acquires a team with genuine depth.

Cisco’s integration plan is coherent. Mapping Astrix’s capabilities to Identity Intelligence, Secure Access, Duo, and Splunk creates compounding value. Cisco’s cross-layer telemetry makes Astrix’s behavioral detection more powerful, and Astrix’s NHI governance fills coverage gaps left by those platforms. The combination is more defensible than either component alone.

Done well, this acquisition gives Cisco a credible claim to end-to-end AI security that few competitors can match. IT security teams evaluating their agentic AI governance posture should include Cisco’s NHI roadmap in their near-term planning assessments.

Related Research

Picture of Steve McDowell

Steve McDowell

Steve McDowell is Principal Analyst and founder of NAND Research. Steve covers all things enterprise infrastructure, with a particular emphasis on data and storage .

Disclosure: The author is an industry analyst, and NAND Research an industry analyst firm, that engages in, or has engaged in, research, analysis, and advisory services with many technology companies, which may include those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.