Cisco Announces Intent to Acquire Astrix Security
In a Cisco blog post, the company announced its intent to acquire Astrix Security Ltd., which Cisco described as a pioneer in Non-Human Identity (NHI) Security. Per Cisco's blog post, the acquisition is framed as extending Zero Trust to the emerging "agentic workforce" of AI agents and non-human identities. Cisco reported that only 24% of organizations can control agent actions with proper guardrails and live monitoring, and that just 31% feel fully capable of securing their agent AI systems. The post also highlights Cisco capabilities such as Secure Access, Duo Agentic Identity, Mythos as an example model reshaping risk, and integration with Splunk for automated SOC response.
What happened
In a Cisco blog post, Cisco announced its intent to acquire Astrix Security Ltd., which Cisco described as a pioneer in Non-Human Identity (NHI) Security. Per Cisco's blog post, the deal is positioned to help extend Zero Trust controls to AI agents and non-human identities in the enterprise. The post states that only 24% of organizations can control agent actions with proper guardrails and live monitoring, and that 31% feel fully capable of securing agent AI systems. Cisco also referenced Mythos as an example of new model capabilities changing the threat landscape and cited work across Secure Access, Duo Agentic Identity, firewall inspection, MCP gateways, and integration with Splunk for SOC automation.
Technical details
Per the blog post, Cisco said it has expanded its Zero Trust Access architecture with Secure Access and Duo Agentic Identity capabilities to discover and authorize agents and their actions. The post describes an "AI Defense" portfolio that includes tools to scan and harden models, gateways to inspect AI traffic, and automated SOC workflows through Splunk. Cisco framed these capabilities as aimed at improving visibility, governance, and response for agentic systems; the post did not publish acquisition financial terms or an integration timeline.
Context and significance
Editorial analysis: The acquisition announcement fits a broader industry pattern where established security vendors are incorporating non-human identity controls and runtime governance into Zero Trust frameworks. For practitioners, the move highlights demand for tooling that can: 1) identify machine identities and agent endpoints, 2) enforce action-level authorization and monitoring, and 3) integrate model-level telemetry into detection and response pipelines.
What to watch
For practitioners: Watch for Cisco product messaging and documentation that clarify how Astrix capabilities map to existing Zero Trust controls, which APIs or telemetry formats will be supported for agent visibility, and whether third-party validation or integrations (for example with SIEMs or policy engines) appear. Also monitor regulatory and standards activity around non-human identity and agent governance, since those will shape enterprise adoption and vendor roadmaps.
Scoring Rationale
Cisco acquiring a specialist in Non-Human Identity is a notable development for enterprise security practitioners because it accelerates vendor support for agent-level controls and Zero Trust extensions. The story matters operationally but is not a frontier-model or benchmark shift, hence a mid-high score.
Practice interview problems based on real data
1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems
