Cisco’s Astrix Security Acquisition: Your Questions Answered on Non-Human Identity Risks

<p>In a strategic move to fortify identity-centric security for AI and machine access, Cisco has announced its plans to acquire Astrix Security. This acquisition highlights the growing importance of managing non-human identities—such as API keys, service accounts, and machine credentials—in today’s automated and AI-driven environments. Below, we address key questions about the deal and its implications.</p> <div id="q1"><h2>Why is Cisco acquiring Astrix Security?</h2><p>Cisco is acquiring Astrix Security to bolster its identity security portfolio, specifically targeting the risks posed by non-human identities. As organizations increasingly rely on AI, machine learning, and automated workflows, the volume of machine-to-machine interactions has surged. These non-human entities—like service accounts, CI/CD pipelines, and API tokens—often lack proper oversight, creating security gaps. Astrix brings specialized technology for discovering, managing, and securing these identities, helping Cisco offer a more comprehensive identity-centric security solution. The acquisition aligns with Cisco’s broader strategy to provide end-to-end visibility and control across human and non-human identities, especially in hybrid cloud and modern development environments.</p><figure style="margin:20px 0"><img src="https://www.securityweek.com/wp-content/uploads/2023/01/Cybersecurity_News-SecurityWeek.jpg" alt="Cisco’s Astrix Security Acquisition: Your Questions Answered on Non-Human Identity Risks" style="width:100%;height:auto;border-radius:8px" loading="lazy"><figcaption style="font-size:12px;color:#666;margin-top:5px">Source: www.securityweek.com</figcaption></figure></div> <div id="q2"><h2>What are non-human identities and why are they risky?</h2><p>Non-human identities refer to digital entities that act on behalf of users or systems, such as API keys, OAuth tokens, service accounts, certificates, and machine credentials. Unlike human users who authenticate via passwords, these identities often have privileged access to critical resources and are frequently overlooked in security strategies. The risks include dormant accounts with excessive permissions, hardcoded secrets in code, and lack of lifecycle management, which can lead to data breaches or lateral movement by attackers. As <strong>Astrix Security</strong> highlights, the explosion of non-human identities in DevOps, cloud, and AI pipelines makes them an attractive target. Cisco’s acquisition aims to close this visibility gap by integrating Astrix’s discovery and risk assessment capabilities into its security framework.</p></div> <div id="q3"><h2>How does this acquisition strengthen Cisco’s push into identity-centric security?</h2><p>Cisco has been expanding its security portfolio to focus on identity as a foundational control, with solutions like <strong>Duo Security</strong>, <strong>Identity Services Engine (ISE)</strong>, and <strong>Secure Access</strong>. However, traditional identity tools primarily address human users. With the rise of AI and automation, non-human identities now outnumber human identities in many organizations. By adding Astrix, Cisco gains the ability to discover, classify, and monitor these machine identities across cloud environments, SaaS applications, and on-premises systems. This extends the zero-trust principle to all entities, ensuring that every access request—whether from a person, an API, or a bot—is validated. The acquisition positions Cisco as a leader in securing the entire identity fabric, from workforce to workload.</p></div> <div id="q4"><h2>What does Astrix Security specialize in?</h2><p>Astrix Security focuses specifically on <strong>non-human identity security</strong>, offering a platform that provides visibility into machine-to-machine access. Their technology discovers all non-human identities—such as service accounts, OAuth apps, and API tokens—and assesses their risk posture based on behavior, permissions, and activity. Key capabilities include:</p><figure style="margin:20px 0"><img src="https://www.securityweek.com/wp-content/uploads/2022/04/SecurityWeek-Small-Dark.png" alt="Cisco’s Astrix Security Acquisition: Your Questions Answered on Non-Human Identity Risks" style="width:100%;height:auto;border-radius:8px" loading="lazy"><figcaption style="font-size:12px;color:#666;margin-top:5px">Source: www.securityweek.com</figcaption></figure> <ul> <li><strong>Discovery:</strong> Automatically catalogues non-human identities across cloud and SaaS environments.</li> <li><strong>Risk scoring:</strong> Identifies over-privileged, dormant, or misconfigured identities.</li> <li><strong>Remediation:</strong> Provides automated workflows to reduce access or rotate credentials.</li> <li><strong>Monitoring:</strong> Tracks behavior in real time to detect anomalies or misuse.</li> </ul> <p>Founded in 2020, Astrix has gained traction with enterprises managing complex microservices architectures. Cisco plans to integrate these capabilities into its <strong>Security Cloud</strong> platform, offering customers unified control over all identities.</p></div> <div id="q5"><h2>How will this help secure AI and machine access?</h2><p>AI systems and machine learning models often rely on automated access to data, APIs, and compute resources through non-human identities. For example, a chatbot might use an API key to access a customer database, or a CI/CD pipeline might use a service account to deploy code. If these identities are compromised, attackers can manipulate AI outputs, steal training data, or disrupt operations. Astrix’s platform helps by ensuring that each machine identity follows the principle of least privilege, is regularly rotated, and is monitored for abnormal behavior. By integrating with Cisco’s <strong>Secure Access</strong> and <strong>XDR</strong> solutions, security teams can enforce consistent policies across human and machine access, reducing the attack surface for AI-driven workflows and automated processes.</p></div> <div id="q6"><h2>What does this mean for current Cisco and Astrix customers?</h2><p>For existing Cisco security customers, the acquisition promises a more holistic approach to identity security, with native support for non-human identities in the coming months. Astrix’s technology will likely be folded into Cisco’s <strong>Security Cloud</strong> as an add-on module, offering deeper visibility without requiring separate tools. For current Astrix users, the deal provides access to Cisco’s global scale, support network, and broader security ecosystem, while ensuring continuity of the platform. Cisco has a track record of maintaining acquired products (e.g., Duo, Splunk) and enhancing them with cross-integration. The acquisition is expected to close in the first half of 2024, pending regulatory approvals. Until then, both companies continue to operate independently.</p></div>