Cisco Fortifies AI Defenses with Acquisition of Astrix Security
Cisco Systems Inc. said Monday it has reached an agreement to acquire Astrix Security, an Israel-based startup specializing in the protection of non-human identities (NHIs) and artificial intelligence (AI) agents.
Cisco did not officially disclose the financial terms, but industry reports from Calcalist pegged the deal’s value at about $400 million. This exceeds earlier estimates from The Information, which had previously estimated the acquisition price between $250 million and $350 million.
The 5-year-old Astrix Security has quickly become a leader in securing the “machine” side of digital operations. The company focuses on the credentials used by automated systems such as API keys, OAuth tokens, and service accounts to execute tasks without human intervention. In the current tech climate, these are the primary tools utilized by AI agents to access data and perform work at scale.
“As organizations race to adopt agentic technologies, security teams are under real pressure,” Peter Bailey, Cisco’s general manager of security, wrote in a blog post announcing the deal. Bailey noted that while AI capabilities are advancing rapidly, security models are lagging. According to Cisco’s AI Readiness Index, a mere 24% of organizations currently feel they can control AI agent actions with proper guardrails.
The acquisition addresses a massive blind spot in modern cybersecurity. Astrix co-founders Alon Jackson and Idan Gour noted that non-human identities now outnumber human users by a ratio of 100-to-1. Without proper oversight, these automated identities can be granted excessive privileges, creating significant vulnerabilities for credential theft and unauthorized data access.
“Cisco’s acquisition of Astrix emphasizes that identity is the third leg of the agent control plane, alongside execution environments and observability,” Mitch Ashley, vice president and practice lead for Software Lifecycle Engineering at The Futurum Group, said in an email. “The non-human identity category has been compressed into agent governance, and vendors with established identity fabric are converting that footprint into a claim on every agent decision.”
“Agent governance procurement overlaps with identity vendor consolidation,” Ashley said. “Standalone NHI platforms face a closing window. Buyers must now ask whether their incumbent identity provider can govern agents with the authority it governs people.”
Cisco plans to integrate Astrix’s technology directly into its Identity Intelligence platform. The capabilities will also be extended to Cisco’s Zero Trust Access portfolio, including its Duo and Secure Access offerings. The integration will let businesses maintain a real-time inventory of all AI agents and non-human identities, providing machine-speed detection and response to threats.
The move marks Cisco’s second major acquisition in the AI management space in recent weeks, following its deal to acquire AI observability firm Galileo Technologies in April. By folding Astrix into its ecosystem, Cisco aims to provide a unified view of agent activity across network, application, and infrastructure layers.
“Joining Cisco means Astrix now has the scale and reach to bring agentic and NHI security to organizations worldwide,” said Jackson and Gour. The deal is expected to close later this year, further cementing Cisco’s pivot toward an AI-first security strategy.
