Congratulations to Astrix Security on Their Anticipated Acquisition by Cisco

2026-05-04 · Source: Menlo Ventures · Field: Technology & Digital — Cybersecurity & Data Privacy, Artificial Intelligence & Machine Learning · Depth: Intermediate, quick

Summary

On May 04, 2026, Cisco announced its intent to acquire Astrix Security, an AI agentic security platform founded in 2021 by Alon Jackson and Idan Gour. Astrix initially addressed the underappreciated problem of non-human identity (NHI) security, recognizing that machines significantly outnumber human users in enterprises. The company evolved from SaaS app visibility into a comprehensive NHI lifecycle management platform, helping security teams automatically detect, inventory, and remediate stale or overprivileged machine access across SaaS, cloud, and on-premise infrastructure. Menlo Ventures led their Series B, noting Astrix's expansion into full-stack NHI security. Crucially, Astrix adapted early to the AI wave, launching a comprehensive AI agent security platform in early 2026 for discovery, runtime monitoring, and policy enforcement of both sanctioned and shadow agents. This acquisition will integrate Astrix's platform into Cisco's security portfolio, including Identity Intelligence, Duo, and Secure Access.

Key takeaway

For CISOs and AI Security Engineers managing expanding enterprise identity perimeters, your traditional IAM tools are likely insufficient for securing non-human identities and AI agents. You must prioritize dedicated solutions that offer comprehensive discovery, runtime monitoring, and policy enforcement for both sanctioned and shadow AI agents. This acquisition highlights the urgent need to integrate robust NHI and AI agent security into your core strategy, mitigating systemic vulnerabilities before they are exploited.

Key insights

Non-human identities and AI agents represent a critical, expanding security perimeter often overlooked by traditional IAM.

Principles

• Enterprise machines vastly outnumber human users.
• Traditional IAM tools cannot secure the expanded identity perimeter.
• AI agents introduce new classes of non-human actors.

In practice

• Inventory and remediate overprivileged machine access.
• Implement runtime monitoring for AI agents.
• Enforce policies for both sanctioned and shadow AI agents.

Topics

• Non-Human Identity
• AI Agent Security
• Enterprise Security
• Identity and Access Management
• Cybersecurity Acquisitions
• Cloud Security

Best for: CTO, VP of Engineering/Data, Executive, Director of AI/ML, AI Security Engineer, Investor

Related on AIssential

• Enterprise identity was built for humans — not AI agents — Enterprise identity systems must evolve to explicitly manage AI agents, moving beyond human-centric security models.
• The Rise of the Machine Identity: Securing the AI Workforce and AI Agents — AI agents introduce exponential security risks due to their scale, autonomy, and ephemeral nature, demanding new defense strategies.
• Palo Alto Networks closes $25bn acquisition of CyberArk — Integrating identity security and cloud-native observability is crucial for comprehensive enterprise protection in the AI era.
• Agentic Runtime Security Explained: Securing Non‑Human Identities — Agentic AI security demands dynamic, non-human identity management to prevent widespread vulnerabilities.
• Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why — AI agents with valid credentials can become "confused deputies," executing unauthorized actions that bypass traditional IAM.
• RSA recap, the LiteLLM breach, and the quest to fix AI agent security — Securing agentic AI requires isolating workflows and dynamic identity management, as traditional IAM fails against non-deterministic threats.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Menlo Ventures.