Cisco completed its acquisition of Israeli startup Astrix Security, a company founded in 2021 by Alon Jackson and Idan Gour, integrating Astrix’s platform into Cisco Identity Intelligence and Zero Trust products. The platform focused on visibility and control for non-human identities, featuring detection and lifecycle management for software agents, API keys, service accounts and tokens.
Astrix’s tooling was designed to monitor agent behaviour and feed telemetry into event management systems such as Splunk for faster threat detection and response. The startup raised a $45 million Series B round in December 2024 with backing from Menlo Ventures and Anthropic, and Cisco said it plans to integrate Astrix’s capabilities into Duo and Secure Access.
For enterprises, the acquisition provides greater oversight of autonomous AI agents and machine identities, helping reduce risks tied to over-privileged or compromised non-human actors. As organisations expand AI deployments, real-time agent guardrails and revocation workflows are increasingly becoming a core security requirement rather than a niche capability.
Image Credit: Astrix Security
Key Themes Behind This Trend
- Non-human Identity Management
- Growing demand for lifecycle visibility and policy enforcement around software agents, API keys and tokens creates potential for platforms that map, score and govern machine identities continuously.
- Agent Telemetry Integration
- Telemetry-driven detection that correlates agent behavior with SIEM and XDR systems opens avenues for contextualized threat models and behavioral baselining of non-human actors.
- Real-time Revocation Workflows
- Enterprises increasingly needing instantaneous credential revocation and automated remediation suggest opportunities for low-latency orchestration layers tied to identity and access controls.
Where This Applies
- Cybersecurity
- Security vendors can expand beyond human-centric IAM to offer specialized controls, threat analytics and compliance tooling for machine and agent identities.
- Cloud Platform Providers
- Cloud providers have scope to integrate native non-human identity governance into IAM, secrets management and service mesh offerings to reduce lateral compromise risk.
- Devops and Software Development
- Tooling that embeds agent-aware credential lifecycle and telemetry into CI/CD and runtime environments could shift how teams manage automation and pipeline risks.
