In a significant development for the cybersecurity landscape, Cisco, the San Jose-based networking giant, is reportedly in advanced discussions to acquire Astrix Security, a New York-based startup specializing in non-human identity management. The projected value of the acquisition ranges from $250 million to $350 million, reflecting a powerful entry for Cisco into a rapidly evolving market. This acquisition could mark a pivotal moment, significantly broadening Cisco’s portfolio beyond its existing strengths in authentication, identity threat detection and response, and identity security posture management.
Historically, Cisco has exhibited a robust appetite for acquisitions, having secured 38 pure-play security companies since the late 1990s, along with an additional 12 hybrid companies that include security components. These strategic investments have allowed Cisco to evolve from its foundational role in organic firewall development to a comprehensive entity offering solutions spanning identity management, Secure Access Service Edge (SASE), threat intelligence, detection, and response.
Cisco’s urgency to expand its capabilities in identity management is underscored by its previous acquisition of Duo Security, a multi-factor authentication platform, for $2.35 billion in 2018. This investment has facilitated Cisco’s growth within the identity market, although it still faces stiff competition from industry giants such as Microsoft, Okta, CyberArk, SailPoint, Ping Identity, Broadcom, and Thales. Despite Cisco typically engaging in an average of 1.5 pure-play cybersecurity acquisitions annually, its last pure-play purchase occurred in August 2024, when it acquired Robust Intelligence to fortify protections for artificial intelligence models.
The potential acquisition of Astrix Security comes at a compelling time for Cisco, as the company has maintained a brief hiatus from cyber mergers and acquisitions recently. Reports suggest that Cisco had its sights set on a $2 billion acquisition of asset management vendor Axonius earlier this year, but those dialogues have yet to materialize into a deal. The continued assessment of potential acquisitions suggests a strategic pivot to bolster Cisco’s foothold in newer segments of cybersecurity.
Astrix Security, founded in 2021, has quickly established itself in the market, employing 121 staff members and raising a total of $85 million in external funding, with its latest achievement being a $45 million Series B funding round led by Menlo Ventures in December 2024. Alon Jackson, Astrix’s co-founder and CEO, who previously commanded Israeli Military Intelligence’s cyber research division, has articulated the company’s mission to assist enterprises in securely integrating AI technologies and implementing effective user access management processes.
The growing field of non-human identity management is beckoning considerable interest in 2026, both in terms of funding and mergers and acquisitions. Other notable firms, including Oasis Security and GitGuardian, have secured substantial funding rounds to address the burgeoning challenges associated with non-human identities and secrets. Furthermore, industry heavyweights like CrowdStrike and Cyera have made substantial investments to enhance their capabilities in managing and securing these identities.
Astrix differentiates itself in the marketplace by concentrating on cloud, service, and Application Programming Interface (API)-level challenges, as opposed to the narrower focus on device or certificate management typical among its competitors. This unique positioning, paired with its mature platform, has empowered Astrix to secure significant contracts and win competitive bids.
Currently, Cisco’s Identity Intelligence solution assists organizations in discovering agentic and non-human identities, aimed at offering insights into their existing AI usage. However, a notable gap remains: Cisco lacks a dedicated offering for managing and securing these identities, which presents a substantial opportunity should the acquisition of Astrix go through. With the cybersecurity landscape becoming increasingly complex and dynamic, securing a foothold in the thriving non-human identity market could furnish Cisco with crucial competitive advantages.
As discussions advance, the telecommunications industry watches closely, recognizing the potential ramifications this acquisition may have not just for Cisco, but also for the wider dynamics of competitive cybersecurity offerings. If completed, this merger could align Cisco with one of the most promising segments in cybersecurity, positioning the company favorably for future growth amidst an ever-evolving digital threat landscape.