Cisco Acquires Astrix Security: NHI Security for AI Agents

The News

Cisco has closed its acquisition of Astrix Security Ltd., a specialist in Non-Human Identity (NHI) security focused on securing the API keys, service accounts, and OAuth tokens that AI agents use to access enterprise systems. The deal extends Cisco’s Zero Trust architecture to cover agentic identities, a category that most enterprise security programs have not yet addressed. Cisco plans to integrate Astrix’s capabilities into Cisco Identity Intelligence, Cisco Secure Access, and Duo IAM, with threat intelligence feeding into Splunk and compatible SIEMs for unified visibility and response.

Analyst Take

The Attack Surface Nobody Budgeted For

The timing of this acquisition is not accidental. Enterprises have spent the last 18 months racing to deploy AI agents, and they’ve done so largely by treating those agents the way they once treated service accounts: provisioned quickly, governed loosely, and forgotten until something breaks. That creates a sprawling, largely unmapped population of identities with real access to real systems. ECI Research’s 2026 Application Development: DevSecOps + AppSec survey found that AI code governance is the #1 priority investment area for enterprise security teams heading into 2026. Cisco is positioning Astrix as the answer to that priority before most buyers have even finished defining the question.

This is the core insight: the NHI problem is not a future risk. It’s a present one. Every AI agent that calls an API, reads a data store, or executes a workflow does so through a credential. Those credentials get rotated inconsistently, scoped too broadly, and rarely decommissioned when the agent is retired or repurposed. Astrix’s lifecycle management capability, covering provisioning through decommissioning, is the piece of the puzzle that most point solutions skip entirely.

Why Cisco Wins the Integration Argument

The acquisition’s strategic logic depends heavily on platform context, and Cisco has it. Connecting Astrix’s discovery and governance engine to Cisco Identity Intelligence, then routing signals into Splunk, means NHI events don’t live in a separate console. They surface alongside human identity anomalies, network telemetry, and application behavior. That unified visibility is genuinely differentiated. Standalone NHI vendors can discover agents and flag anomalies, but they cannot correlate an out-of-scope agent action against network traffic patterns and endpoint telemetry simultaneously. Cisco can.

For developers and platform engineers, the Astrix integration matters because it could address the specific friction point in agentic architectures: secrets management across heterogeneous vault and cloud environments. Centralizing that capability and connecting it to a broader IAM and SIEM stack reduces the operational burden of securing agents without forcing teams to instrument every pipeline manually. The question for enterprise architects is whether the Cisco integration timeline is aggressive enough to keep pace with agentic deployment velocity, which is moving faster than most security programs can track.

The Governance Gap Is Structural

ECI Research’s 2026 DevSecOps + AppSec survey found that 67.5% of respondents selected “Repository access controls” when asked which supply chain protections are enforced. That number looks solid until you consider what it excludes: the runtime credential layer where AI agents actually operate. Repository controls protect the code supply chain. They do not protect the identity supply chain created when that code executes as an autonomous agent with OAuth tokens and API keys attached. Astrix could close that gap directly.

ITDMs should read this acquisition as a signal that Zero Trust architectures built for human identities are incomplete. An enterprise can have mature IAM policies, MFA enforcement, and role-based access controls across its entire human workforce and still have hundreds of AI agents operating with over-privileged, long-lived, unmonitored credentials. That is not a security gap that awareness programs or additional training will fix. It requires dedicated tooling and lifecycle governance, and Cisco has now bought the leading capability in that category.

Looking Ahead

The NHI security market is going to consolidate quickly. Cisco’s acquisition of Astrix removes what would have been an obvious independent platform play and anchors NHI governance inside the largest enterprise security portfolio in the industry. Competitors and the emerging class of identity security vendors will need to respond either through acquisition or by accelerating their own agent-aware identity capabilities. Expect at least one more significant NHI acquisition in the next two to three quarters as the market reprices the category.

For enterprise security teams, the near-term decision is not whether to buy Astrix or an equivalent. It’s whether to treat NHI governance as a standalone initiative or absorb it into an existing Zero Trust program. Cisco is betting heavily on the latter framing, and the platform integration story is credible enough to win that argument with most enterprise buyers already standardized on Cisco networking and security infrastructure. Organizations that have deferred agentic identity governance should treat this acquisition as a forcing function: the tooling now exists at enterprise scale, and the regulatory and audit scrutiny of AI agent access is coming whether organizations are ready or not.

Authors

  • Paul Nashawaty

    Paul Nashawaty, Practice Leader and Lead Principal Analyst, specializes in application modernization across build, release and operations. With a wealth of expertise in digital transformation initiatives spanning front-end and back-end systems, he also possesses comprehensive knowledge of the underlying infrastructure ecosystem crucial for supporting modernization endeavors. With over 25 years of experience, Paul has a proven track record in implementing effective go-to-market strategies, including the identification of new market channels, the growth and cultivation of partner ecosystems, and the successful execution of strategic plans resulting in positive business outcomes for his clients.

    View all posts
  • With over 15 years of hands-on experience in operations roles across legal, financial, and technology sectors, Sam Weston brings deep expertise in the systems that power modern enterprises such as ERP, CRM, HCM, CX, and beyond. Her career has spanned the full spectrum of enterprise applications, from optimizing business processes and managing platforms to leading digital transformation initiatives.

    Sam has transitioned her expertise into the analyst arena, focusing on enterprise applications and the evolving role they play in business productivity and transformation. She provides independent insights that bridge technology capabilities with business outcomes, helping organizations and vendors alike navigate a changing enterprise software landscape.

    View all posts