Cisco Acquires Astrix Security to Secure Non-Human Identities

/MEDIUM
Written by SCW Vulnerability Desk Vulnerability Intelligence
SCW threat-intelvulnerabilityidentityai-security
Cisco Acquires Astrix Security to Secure Non-Human Identities

Cisco has announced its intent to acquire Astrix Security, a startup specializing in the security of non-human identities (NHIs). These include critical elements like API keys, service accounts, and OAuth tokens that are increasingly powering applications and AI agents. SecurityWeek reports that this move aims to extend zero trust principles to the burgeoning “agentic workforce” where AI agents operate autonomously.

This acquisition signals a significant shift in how major vendors are approaching identity security. The rapid proliferation of AI and automated systems means that traditional human-centric identity management is no longer sufficient. Securing these machine-to-machine interactions is becoming paramount to preventing unauthorized access and data exfiltration.

What This Means For You

  • If your organization relies on APIs, service accounts, or is integrating AI agents, you must prioritize securing these non-human identities. Review your current inventory of API keys and service accounts. Implement strict access controls, rotation policies, and monitoring for anomalous usage patterns before these become a vector for compromise.

Related ATT&CK Techniques

T1558.003 Steal or Forge Kerberos Tickets Credential Access T1078.004 Cloud Accounts Initial Access T1539 Steal Web Data Credential Access

Written by SCW Vulnerability Desk

Take action on this incident
📡 Monitor cisco.com Free · 1 watchlist slot · instant alerts on new breaches 🔍 Threat intel on Cisco All breaches, IOCs & vendor exposure

Related coverage on Cisco

cPanel Authentication Bypass Vulnerability Exploited in the Wild

A critical authentication-bypass vulnerability in cPanel has sparked a "cyber-frenzy," according to Dark Reading. The flaw, which allows attackers to bypass authentication, saw multiple proof-of-concept...

threat-inteltoolsvulnerabilityidentity
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Phishing Campaign Leverages SimpleHelp, ScreenConnect RMM to Hit 80+ Orgs

An active phishing campaign, codenamed VENOMOUS#HELPER, has been observed since at least April 2025, according to The Hacker News. This operation targets organizations by leveraging...

threat-intelvulnerabilityphishingtoolsthe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

AI Phishing, Android Spyware, Linux Exploit, GitHub RCE Headline Weekly Threats

This week's cybersecurity landscape highlights a critical shift from mere breaches to persistent occupation, according to The Hacker News. Attackers are leveraging advanced techniques, turning...

threat-intelvulnerabilitydata-breachphishingtools
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma