Cisco buys Astrix to harden agents

AI-agent security just got promoted from an interesting niche to a core enterprise problem. Cisco’s planned acquisition of Astrix Security makes that plain. The basic issue is simple — once software agents can log in, call APIs, and take actions across business systems, they stop looking like chatbots and start looking like employees with keys. The gap is that most companies still govern those machine identities far worse than they govern humans. Cisco moved on May 4 to close that gap by buying Astrix. (blogs.cisco.com) ### What exactly did Cisco buy? Astrix is an Israeli security startup built around non-human identity security. That means service accounts, OAuth apps, API keys, tokens, and now AI agents — the software actors that can connect to systems and do work without a person clicking every step. Cisco says Astrix’s tech will be folded into Cisco Identity Intelligence, Secure Acc(blogs.cisco.com) they can touch, and tighten access before they become a blind spot. (blogs.cisco.com) ### Why are AI agents different from ordinary automation? Because agents don’t just run one fixed script. They can chain tools, request data, trigger workflows, and keep operating across apps. That makes them useful, but it also means one over-privileged agent can wander through finance, HR, cloud infrastructure, or clinical systems faster than an admin realizes. Cisco f(blogs.cisco.com)hrase because that is basically what this is becoming — a new class of worker, except the worker is software. (blogs.cisco.com) ### Why is this landing right now? Because deployment is outrunning governance. JumpCloud’s new Agentic IAM Pulse report says 72% of organizations already have AI agents in production, yet 92% say they face serious limits scaling them securely. The survey covered 261 IT, security, and identity decision-makers at mid-sized organizations in the U.S. and U.K. In other words(blogs.cisco.com)ing fully sorted out. (jumpcloud.com) ### What are companies missing? Mostly the boring controls that stop becoming boring once an agent can act on its own. You need clear ownership, least-privilege permissions, approval paths for high-risk actions, and logs that show not just that an action happened but which agent, token, connector, and policy path made it happen. Ast(jumpcloud.com)tions, and stale credentials hiding in SaaS environments. (astrix.security) ### Why should healthcare and EHR teams care? Because an agent attached to an EHR, revenue-cycle tool, identity provider, or messaging system can do real-world damage if it gets broad access. The hard part is that many healthcare workflows reward convenience — broad read access, shared integrations, long-lived tokens. But once agents can draft orders, move data, sche(astrix.security)rrower permissions, stronger audit trails, and anomaly detection tuned for machine behavior, not just human logins. That is an inference from the identity problem Cisco is buying into, but it follows directly from how these systems work. (blogs.cisco.com) ### Did Cisco disclose the price? No. Cisco did not publish terms. Outside reports have floated values from roughly $250 million to $400 million, with Calcalist reporting about $400 million. The exact number matters less than the signal — Cisco thinks securing machine identities and AI agents is strategic enough to buy, not just build around later. (blogs.cisco.com) changes now? The big change is mindset. AI-agent security is getting pulled into mainstream identity and zero-trust stacks. That means buyers will start asking sharper questions: What can each agent access? Who approved it? What happens when behavior changes? And can you shut it down fast? Cisco buying Astrix will not solve that by itself, but it doe(theinformation.com) plumbing. (blogs.cisco.com) ### Bottom line? The story is not just that Cisco bought a startup. It’s that the industry is admitting AI agents are now identities with power — and those identities need the same scrutiny as any privileged human user. (blogs.cisco.com)