Cisco Acquires Astrix Security for AI Agent Identity Controls

Cisco completed its acquisition of Astrix Security, the Israeli non-human identity security startup focused on software agents, service accounts, API keys, OAuth tokens, and other machine credentials. Calcalist reports the final purchase price at roughly $400 million.

The DLP-adjacent angle is not classic content inspection. It is access control for the identities that increasingly touch sensitive data before a human user ever sees it. Astrix built around discovering non-human identities, finding excessive permissions, and remediating risky access before those identities become a path to data leakage or broader compromise.

Why Data Security Teams Should Care

AI agents often inherit broad permissions through service accounts, API keys, and OAuth grants. If those credentials are over-scoped, stale, or invisible to security teams, an agent can reach sensitive systems even when user-facing DLP policy looks clean.

Cisco says Astrix will be integrated into Cisco Identity Intelligence and Zero Trust products such as Duo and Secure Access. For buyers, the practical question is whether identity telemetry can connect agent behavior, data access, and enforcement quickly enough to reduce the blind spots that sit between IAM, SSE, and DLP.

What To Validate

This is not a replacement for DLP or DSPM. It is a control plane that may make those programs more enforceable when non-human identities are involved. Teams evaluating agent-security stacks should ask how Astrix identifies agent-owned credentials, how privilege cleanup is automated, and whether suspicious agent access can trigger downstream investigation or blocking workflows.