Cisco Acquires Astrix Security to Manage AI Agent Access
Cisco announced plans to acquire Astrix Security to address a critical gap in enterprise security: controlling AI agents and non-human identities like API keys, service accounts, and OAuth tokens. The company did not disclose the acquisition price.
The move reflects a widening security problem. According to Cisco's AI Readiness Index, only 24% of organizations can control agent actions with proper guardrails and live monitoring. Just 31% feel equipped to secure their agent AI systems.
Astrix Security, founded five years ago, built a platform to discover, manage, and secure AI agents and non-human identities across entire organizations. The company maintains real-time inventory of all AI agents, machine-to-machine connections, and associated risks.
What Managers Need to Know
Cisco plans to integrate Astrix's capabilities into three product lines: Identity Intelligence, Secure Access, and Duo Identity and Access Management. This means organizations using Cisco's security tools will gain visibility into AI agent activity across their infrastructure.
The integration addresses a scale problem. Non-human identities outnumber human identities 100-to-1 in most organizations, yet remain largely invisible to security teams.
Astrix's platform handles three core functions:
- Discovery and governance - mapping all agentic activity and reducing attack surfaces
- Access and lifecycle management - provisioning and decommissioning AI agents
- Threat detection and response - identifying compromised credentials and unauthorized agent actions
Security teams will be able to feed agent activity data into Splunk or other security information and event management systems, creating a unified view of agent behavior across the organization.
Part of a Broader Strategy
This acquisition follows Cisco's purchase of AI observability firm Galileo Technologies in April. Galileo's platform monitors multi-agent system development and adds guardrails for AI agent protection during the development phase.
Together, the two acquisitions address agent security across the full lifecycle: from development through production monitoring and access control.
For managers overseeing security and AI adoption, the acquisitions signal where enterprise security vendors are investing resources. The focus on non-human identities reflects a practical reality: as organizations deploy more AI agents, traditional identity and access management tools fall short.
Learn more about AI for Management and how security strategy fits into broader organizational AI adoption plans.
Your membership also unlocks:
