Cisco has announced that it intends to acquire the New York-based non-human identity (NHI) security company, Astrix Security, focused on the API keys, service accounts and OAuth tokens that now let software systems and AI agents act across enterprise environments.
Cisco said Astrix will help it discover and secure AI agents and non-human identities, detect excessive privileges and respond to real-time threats.
The company plans to integrate Astrix into Cisco Identity Intelligence and extend its capabilities into Cisco Secure Access and Duo.
The rise of the machine user
The deal lands as reports find machine identities multiply faster than many security teams can govern. Entro Labs said non-human identities now outnumber human users 144 to one, while NHI sprawl rose 44% year over year, driven by AI agents, CI/CD automation and third-party integrations.
The same research found that 43% of exposed secrets appear in CI/CD workflow logs, collaboration tools and messaging apps, not just in code repositories.
According to a Cloud Security Alliance survey report commissioned by Astrix found that only 15% of organizations feel highly confident in preventing non-human identity attacks, while 69% express concern about them.
Identifying the governance gap
The report also identified service-account management, auditing, access governance, discovery and policy enforcement as major pain points.
Recent incidents show why vendors are moving identity controls closer to automation layers. In 2024, Mandiant tracked a campaign against Snowflake customer instances in which attackers used compromised customer credentials to steal data and extort victims.
Mandiant said it found no evidence that the unauthorized access came from a breach of Snowflake’s enterprise environment.
A related exposure pattern also surfaced in software supply chains. A GitHub advisory for CVE-2025-30066 said the tj-actions/changed-files GitHub Action was compromised in March 2025, affecting more than 23,000 repositories and exposing CI/CD secrets in workflow logs. GitHub listed potential consequences including theft of API keys, cloud credentials and SSH keys.
Visibility must precede enforcement
Cisco’s Astrix announcement, citing its AI Readiness Index, said only 24% of organizations can control agent actions with guardrails and live monitoring, while 31% feel fully capable of securing agent AI systems.
A competitive race for agentic security
Cisco is not alone in treating identity as a control layer for AI-era security. Palo Alto Networks completed its CyberArk acquisition in February, saying the deal would help secure human, machine and agentic identities.
CrowdStrike has also acquired SGNL, after announcing the deal in January, to add continuous access control for human, non-human and AI identities.
Microsoft is moving in the same direction from the platform side. Its Entra Agent ID documentation describes a system for authenticating, authorizing, governing and protecting AI agents at enterprise scale, with activity logged for compliance and audit. Cisco’s announcement did not disclose financial terms or provide a closing date.