{"id":27756,"date":"2026-05-05T10:32:10","date_gmt":"2026-05-05T10:32:10","guid":{"rendered":"https:\/\/www.europesays.com\/ai\/27756\/"},"modified":"2026-05-05T10:32:10","modified_gmt":"2026-05-05T10:32:10","slug":"cisco-moves-to-acquire-astrix-security-to-strengthen-control-over-ai-agents-api-keys-and-service-account-risks","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ai\/27756\/","title":{"rendered":"Cisco moves to acquire Astrix Security to strengthen control over AI agents, API keys, and service account risks"},"content":{"rendered":"<p><a href=\"https:\/\/industrialcyber.co\/vndrs\/cisco\/\" rel=\"nofollow noopener\" target=\"_blank\">Cisco<\/a> announced on Monday its intention to acquire Astrix Security to strengthen its push into securing AI-driven environments, particularly the growing risk surface created by non-human identities such as API keys, service accounts, and AI agents. The company plans to integrate Astrix\u2019s capabilities into its security platform to provide discovery, governance, lifecycle management, and real-time threat detection for agentic identities, extending its <a href=\"https:\/\/industrialcyber.co\/category\/zero-trust\/\" rel=\"nofollow noopener\" target=\"_blank\">Zero Trust architecture<\/a> to what it describes as the \u2018agentic workforce\u2019 and enabling organizations to adopt AI at scale with greater visibility and control.<\/p>\n<p>\u201cWe\u2019re seeing an explosion of AI agents that are already reshaping the digital enterprise. Soon, every person in an organization will be supported by a network of AI agents working continuously at machine speed, accessing data, making decisions, and taking action on their behalf,\u201d Peter Bailey, senior vice president and general manager for security at Cisco\u2019s Security Business Group (SBG), <a href=\"https:\/\/blogs.cisco.com\/news\/cisco-announces-intent-to-acquire-astrix-security\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">wrote<\/a> in a company blog post. \u201cThese agents represent an entirely new class of coworker: capable of incredible productivity, but also capable of unintended harm or malicious behavior if left unsecured. This is the new attack surface, and it is growing faster than most organizations realize.\u201d<\/p>\n<p>As organizations accelerate the adoption of agentic technologies, security teams face mounting pressure to enable innovation while securing the use of agents. Agent capabilities are advancing faster than most security models, creating a widening gap in visibility, governance, and response. According to Cisco\u2019s AI Readiness Index, only 24% of organizations can control agent actions with proper guardrails and live monitoring, and just 31% report being fully capable of securing their agent AI systems.<\/p>\n<p>That gap between agentic capability and organizational readiness continues to widen. With the emergence of AI models such as Mythos, threat actors are reshaping the risk landscape in ways that are difficult to ignore. Security teams are confronting a new class of high-impact, AI-accelerated risks. Cisco said it is focused on helping customers address this gap.<\/p>\n<p>\u201cCisco has been moving quickly to enable the safe and secure use of AI,\u201d Bailey wrote. \u201cAI Defense helps organizations safely build AI applications by protecting the models and agents built internally. We\u2019ve also extended our Zero Trust Access architecture with Cisco Secure Access and Duo Agentic Identity capabilities to discover and authorize every agent and every action.\u201d<\/p>\n<p>Beyond this, he added, \u201cwe continue to build the broader foundation for secure AI: open source models, tools to scan and make models safer, guidance for secure AI development, MCP gateways, and <a href=\"https:\/\/blogs.cisco.com\/security\/double-defense-secure-firewall-10-0-confronts-encrypted-traffic-emerging-attack-challenges\" rel=\"nofollow noopener\" target=\"_blank\">new capabilities<\/a> across our firewall portfolio to recognize and inspect AI traffic.\u201d<\/p>\n<p>Since its founding five years ago, Astrix Security has focused on securing the identities and credentials that power modern systems, including API keys, service accounts, and OAuth tokens. These same credentials are now increasingly used, and in some cases exploited, by AI agents to gain access and execute tasks at scale.<\/p>\n<p>Bailey identified that the addition of Astrix Security brings deep capability to discover and secure every AI agent and non-human identity (NHI), including excessive privileges and real-time threats, enabling organizations to adopt AI securely and at scale.<\/p>\n<p>Capabilities from Astrix Security include discovery and governance for AI agents to map organizational agentic activity, enforce policy, address hygiene issues, reduce attack surfaces, and prevent compliance violations; agentic access and lifecycle management to oversee AI agents and their non-human identities from provisioning through decommissioning; agentic threat detection and response to identify and mitigate risks such as compromised credentials and out-of-scope agent actions; and centralized secrets management across vaults and cloud environments. It also brings together a \u2018world-class team\u2019 of security experts who have been focused on this problem space from the beginning.\u00a0<\/p>\n<p>Bailey detailed that Cisco plans to integrate Astrix Security\u2019s capabilities into Cisco Identity Intelligence, strengthening visibility and context across identities within the Cisco Security platform.<\/p>\n<p>\u201cWe also intend to extend these capabilities into our zero trust access solutions, including Cisco Secure Access and Duo Identity and Access Management, helping organizations secure AI agents and non-human identities across a broad range of use cases,\u201d he added. \u201cCustomers will be able to discover, authenticate, and authorize agentic identities, as well as detect and respond when they use Cisco Secure Access as well as Duo.\u201d<\/p>\n<p>He added that the strength lies in Cisco\u2019s visibility across identity, network, application, and infrastructure layers. \u201cWe don\u2019t just know what an agent is, we understand how it behaves. This visibility and intelligence also feeds into Splunk (or any SIEM), giving security teams a unified view of agent activity with the context needed to investigate and respond at machine speed.\u201d<\/p>\n<p>Just last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), <a href=\"https:\/\/industrialcyber.co\/ai\/cisa-and-partners-release-agentic-ai-security-guidance-to-protect-critical-infrastructure-outline-mitigation-action\/\" rel=\"nofollow noopener\" target=\"_blank\">alongside<\/a> the Australian Cyber Security Centre and other international partners, published new guidance on the secure adoption of agentic artificial intelligence (agentic AI), outlining cybersecurity risks tied to deploying these systems. The document comes as <a href=\"https:\/\/industrialcyber.co\/regulation-standards-and-compliance\/us-bill-allows-critical-infrastructure-operators-to-detect-and-neutralize-rogue-drones-closing-key-defense-gaps\/\" rel=\"nofollow noopener\" target=\"_blank\">critical infrastructure<\/a> and defense sectors increasingly adopt agentic AI to support mission-critical operations and drive automation. As agentic AI systems <a href=\"https:\/\/industrialcyber.co\/ai\/ot-isac-partners-with-protos-labs-to-bring-agentic-ai-into-critical-infrastructure-defense\/\" rel=\"nofollow noopener\" target=\"_blank\">play a growing <\/a>operational role, defenders must implement security controls to protect national security and <a href=\"https:\/\/industrialcyber.co\/regulation-standards-and-compliance\/australias-cisc-tightens-cyber-reporting-rules-to-capture-ai-driven-incidents-in-critical-infrastructure\/\" rel=\"nofollow noopener\" target=\"_blank\">critical infrastructure<\/a> from agentic AI-specific risks.<\/p>\n<p>\t\t<img loading=\"lazy\" decoding=\"async\" width=\"96\" height=\"96\" src=\"data:image\/svg+xml,%3Csvg%20xmlns=\" https:=\"\" alt=\"\" data-lazy-src=\"https:\/\/www.europesays.com\/ai\/wp-content\/uploads\/2026\/04\/Anna-Ribeiro-min-96x96.jpg\"\/><\/p>\n<p>&#13;<br \/>\n\t\t\t\t\tAnna Ribeiro\t\t\t\t<\/p>\n<p>&#13;<br \/>\n\t\t\t\t\tIndustrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.\t\t\t\t<\/p>\n<p>\t<a class=\"post-author-link\" href=\"https:\/\/industrialcyber.co\/author\/annaribeiro\/\" rel=\"nofollow noopener\" target=\"_blank\"><\/p>\n","protected":false},"excerpt":{"rendered":"Cisco announced on Monday its intention to acquire Astrix Security to strengthen its push into securing AI-driven environments,&hellip;\n","protected":false},"author":2,"featured_media":27757,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[405,4638,18440,7537,3731,329,1765,13590,18441,428,1800,353,18442,291,9578,18443],"class_list":{"0":"post-27756","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-agentic-ai","8":"tag-ai-agents","9":"tag-ai-systems","10":"tag-api-keys","11":"tag-artificial-intelligence-agents","12":"tag-astrix-security","13":"tag-cisco","14":"tag-cisco-secure-access","15":"tag-discovery","16":"tag-duo-agentic-identity","17":"tag-governance","18":"tag-lifecycle-management","19":"tag-mythos","20":"tag-service-accounts","21":"tag-threat-detection","22":"tag-zero-trust","23":"tag-zero-trust-access"},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/27756","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/comments?post=27756"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/27756\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media\/27757"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media?parent=27756"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/categories?post=27756"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/tags?post=27756"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}