Cisco is moving to deepen its position in cloud and identity security with an agreement to buy Israeli startup Astrix Security, underscoring continued US appetite for Israeli cyber assets even as dealmaking has become more selective across the sector.
The acquisition was reported by the Globes website in an article titled “Cisco to acquire Israeli co Astrix Security.” While financial terms were not disclosed, the report described Astrix as operating in the fast-growing field of securing non-human identities and third-party access paths created by software-as-a-service applications and automation. The deal adds to Cisco’s recent push to expand beyond networking hardware into higher-margin, subscription-driven security and observability offerings.
Astrix has focused on identifying and controlling identity-based risks that do not neatly fit into traditional workforce identity management. As enterprises rely more heavily on SaaS tools, integrations, and automated workflows, access is increasingly granted not only to employees but also to service accounts, bots, connected apps, and external partners. These connections can multiply quickly, often outside the visibility of security teams, creating vulnerabilities that are difficult to audit and easy to exploit. By concentrating on mapping these access relationships and enforcing policy, Astrix has positioned itself in a segment that is attracting attention as organizations grapple with sprawling cloud environments and mounting compliance demands.
For Cisco, the move aligns with a broader strategy of using acquisitions to accelerate product build-out and capture more of the security budget. The company has been weaving together assets from prior purchases to offer integrated security that spans endpoints, identity, network, and cloud. Adding Astrix’s capabilities could strengthen Cisco’s ability to address identity-centric attack vectors, which have become a persistent theme in major breaches, particularly where compromised credentials or poorly governed integrations provide attackers a low-friction entry point.
The reported transaction also highlights the ongoing role of Israeli startups in shaping global cyber priorities. Israel has built a reputation for producing companies specializing in niche, technically demanding security domains, often staffed by veterans of elite military technology units. In the current market, where buyers seek technologies that can be embedded into existing platforms rather than standalone point solutions, startups offering clear differentiation in areas like identity governance, SaaS security, and access control are especially attractive.
The integration challenge will be familiar: Cisco will need to fold Astrix into a broader architecture without diluting the speed of product development that made the startup competitive. Customers, meanwhile, will watch for how quickly the technology becomes available inside Cisco’s security portfolio, and whether it remains well supported for organizations using mixed-vendor environments.
Still, the logic of the deal is consistent with where enterprise security is headed. As companies automate more processes and connect more services, the number of identities and access paths that require governance continues to rise. By acquiring Astrix, Cisco appears to be betting that controlling those connections will be central to securing modern enterprises, and that ownership of the tooling to do so will be an important differentiator in a crowded security market.
