Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1794+ Articles
149+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
  1. Home
  2. News
  3. Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions
Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions
NEWS

Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions

Cisco has acquired Astrix Security and WideField to build out non-human identity (NHI) protection capabilities, betting that securing AI agents, service...

Dylan H.

News Desk

June 27, 2026
5 min read

Cisco Doubles Down on Non-Human Identity Security

Cisco has announced the acquisition of Astrix Security and WideField to expand its identity security portfolio into the rapidly growing non-human identity (NHI) market. The move signals Cisco's bet that as AI agents, microservices, and automated workloads proliferate, securing machine and service identities will become as critical as securing human user accounts.


What Is Non-Human Identity (NHI)?

Non-human identities represent the accounts, tokens, credentials, and API keys used by software systems rather than human users. As organizations deploy more automation and AI agents, NHIs have exploded in volume — often outnumbering human identities by orders of magnitude.

Common NHI Types

Identity TypeDescription
Service AccountsAccounts used by applications and services to authenticate
API Keys & TokensCredentials used by integrations, third-party services, and scripts
OAuth ApplicationsAuthorized third-party apps with delegated access to organizational data
CI/CD Pipeline IdentitiesCredentials used by build and deployment automation
AI AgentsAutonomous AI systems that require access to tools, APIs, and data
Cloud Workload IdentitiesIAM roles and managed identities in cloud environments

The security challenge with NHIs is significant: they often have excessive privileges, no expiration dates, no MFA, and poor visibility into what they access and why.


The Acquisitions: Astrix & WideField

Astrix Security

Astrix specializes in third-party NHI security, providing visibility into OAuth applications and API integrations connected to enterprise SaaS environments. Astrix's platform discovers shadow integrations — often unknown to IT and security teams — and continuously monitors them for risky permissions, unusual behavior, and policy violations.

Key capabilities:

  • Automated discovery of all third-party app integrations and API connections
  • Risk scoring based on permissions, usage patterns, and vendor security posture
  • Revocation workflows for unused or risky integrations
  • Continuous monitoring for anomalous access behavior

WideField

WideField focuses on service account and machine identity governance, helping organizations discover, classify, and secure the internal non-human identities that proliferate across on-premise and cloud environments. WideField addresses the challenge of "identity sprawl" — the accumulation of thousands of service accounts with unclear ownership and excessive privileges.

Key capabilities:

  • Complete inventory of service accounts across AD, cloud IAM, and Kubernetes
  • Automated detection of over-privileged and stale machine identities
  • Just-in-time access recommendations for service accounts
  • Policy enforcement for machine identity lifecycle management

Why NHI Now?

The push into NHI security is driven by several converging trends:

The Agentic AI Surge

The rapid deployment of AI agents in enterprise environments has dramatically expanded the NHI attack surface. Unlike traditional service accounts with relatively predictable behavior, AI agents:

  • Require broad access to tools, APIs, and data sources
  • Take autonomous actions that are difficult to audit in real time
  • May be granted excessive permissions to avoid operational friction
  • Are a relatively new paradigm with immature governance tooling

Supply Chain Risk

Third-party integrations represent a significant supply chain risk vector. When attackers compromise a SaaS vendor or steal API tokens, they can pivot into connected enterprise environments. High-profile breaches in recent years have demonstrated that a single compromised OAuth application can expose entire organizational data estates.

Regulatory Pressure

Emerging regulations and frameworks — including updated NIST CSF guidance and SEC cybersecurity disclosure rules — increasingly require organizations to account for all identities, including non-human ones, in their risk management programs.


Cisco's Broader Identity Strategy

The Astrix and WideField acquisitions expand Cisco's identity security portfolio, which already includes:

  • Cisco Duo — MFA and zero-trust access for human users
  • Cisco Identity Intelligence — unified identity analytics layer
  • Cisco Security Cloud — integrated security platform

By adding NHI capabilities, Cisco is positioning identity as the primary control plane for securing both human and machine access across hybrid environments — a strategic alignment with the broader industry shift away from perimeter-based security.


Market Context

Cisco joins a growing list of security vendors investing in NHI:

VendorNHI Approach
CyberArkSecrets management & machine identity security
HashiCorp VaultSecrets engine for machine credentials
EntrustMachine identity management
Venafi (acquired by CyberArk)Certificate & machine identity lifecycle
Cisco (Astrix + WideField)Third-party OAuth & service account governance

The NHI market is projected to grow significantly as AI deployment accelerates and regulatory scrutiny of non-human access increases.


Key Takeaways

  1. Cisco acquires Astrix and WideField to build comprehensive NHI protection capabilities
  2. NHI security is the emerging frontier — machine identities increasingly outnumber human accounts
  3. AI agents are the key driver — autonomous systems require broad access that is difficult to govern with legacy IAM tools
  4. Third-party OAuth and API integrations are high-risk vectors that Astrix specifically addresses
  5. Identity becomes the control plane for both human and non-human access in modern enterprise security architectures

References

  • Dark Reading — Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions

Related Reading

  • Shadow AI Risk: How SaaS Apps Enable Massive Breaches
  • AI Agentic Threats 2026: Model Poisoning & Rogue Agents
#Cisco#NHI#Identity Security#AI Security#Acquisitions#Agentic AI#Zero Trust

Related Articles

Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way

AI agents can access databases, trigger workflows, deploy code, and interact with critical business systems — often with little oversight. Token Security...

5 min read

Clean GitHub Repo Tricks AI Coding Agents Into Running Malware

Researchers demonstrate how a seemingly clean, scanner-safe GitHub repository can silently execute a malicious payload when an AI coding agent clones and...

5 min read

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft researchers have detailed AutoJack, a novel exploit chain that turns AI browsing agents into delivery vehicles for remote code execution by...

4 min read
Back to all News