San Jose, Calif. In the last quarter, a Fortune 500 bank found that almost 18% of its automated workflows were initiated by identities that could not be traced. These were not rogue employees or outside attackers. Instead, they were ghost agents, autonomous scripts, and AI processes running devoid of clear ownership, visibility, or control. The financial risk was real, showing up as audit gaps, duplicate transactions, and unexplained API calls.
Cisco Astrix is designed to solve this problem. It pushes companies to address ARAG, a growing blind spot in AI agent security.
The Rise of Ghost Agents in Enterprise Systems
Autonomous AI agents now manage tasks ranging from customer support to backend reconciliation. Companies adopted these systems for speed and scale, but oversight did not keep up. Each new agent creates an identity that is often unmanaged, rarely audited, and usually not covered by traditional access controls.
This is where non-human identity (NHI) becomes more than simply a technical term. It constitutes a major change in how organizations need to think about identity, whether it is a bot trading stocks, an AI model writing code, or a script managing cloud tasks. Each needs identity, authentication, and accountability.
Without proper oversight, these entities turn into ghost agents. They perform actions and access systems, but leave little footprint behind.
How Cisco Astrix Reference AI Agent Security
From Visibility to Accountability
Integrating Cisco Astrix adds a unified control layer for AI agent security. It treats autonomous agents as primary identities rather than simply tools. This is important because traditional IAM systems were not built to handle so many machine identities.
By assigning each agent a verifiable identity and connecting activity logs to services like Splunk AI, organizations gain clear forensic insight. When something unusual happens, teams can trace it back to a specific agent with known permissions and behavior.
This is more than a small important improvement. It completely changes how organizations see and manage their operations.
Embedding zero trust into Orleans systems
Most companies say they follow zero-trust principles, but few apply them strictly to non-human agents. Cisco Astrix makes this application possible.
Each agent now has to constantly verify its identity, contacts, and permissions before doing any task. Static credentials are no longer enough. Dynamic checks make sure that even internal agents cannot act without oversight. Consider a healthcare provider running AI-powered dynamics. Without zero trust, a compromised agent could access patient data across systems with enforced verification tied to agentic identity. The same agent must prove legitimacy at every step, reducing lateral movement risks.
Regulatory Pressure Meets Technical Reality.
Conforming to NIST AI 2.0
Regulators now recognize the risks associated with autonomous agents. Frameworks such as NIST AI 2.0 stress the requirement for accountability, traceability, and governance in AI operations. Still, most companies find it hard to put these guidelines into practice.
Cisco Astrix offers a solution. By adding identity controls directly into agent workflows, organizations can meet NIST AI 2.0 requirements without rebuilding their entire infrastructure.
This alignment itself will soon become necessary. Fields such as finance, health, and healthcare will face greater scrutiny, especially regarding how AI decisions are made and reviewed.
The expanding role of agentic identity
Agentic identity is more than just authentication. It sets the rules for how an AI agent acts, what it can access, and how its actions are tracked over time. This is important as agents move from simple tasks to making decisions.
For example, an AI procurement agent handling vendor contracts must follow strict policy rules. With agentic identity, these rules are built in and enforced, so compliance happens automatically without constant human checks.
Operational Impact: From Risk Mitigation To Strategic Benefit.
Eliminating ghost agents
The main benefit of Cisco Astrix is the removal of ghost agents. Every automated process sets a clear identity, defined permissions, and a trackable activity log. This lowers audit risk and makes compliance reporting easier.
But there are more benefits beyond this.
Organizations can now expand AI deployments with confidence when identity and security are built in at the agent level. Adding new agents becomes much less risky. This turns AI from a small experiment into a scalable business tool.
Enhancing Observability with Splunk AI
Connecting with Splunk AI makes this even more effective. Real-time analytics help security teams spot unusual agent behavior before it becomes a problem. Patterns are easy to see, and outliers are quickly noticed.
Picture a logistics company where an AI agent suddenly makes 300% more API calls in just a few minutes. Without integrating monitoring, this spike might go unnoticed unless something breaks. With Splunk AI, alerts go off immediately, letting teams act quickly.
The Implementation Challenge
Implementing non-human identity security for autonomous AI agents
Even with these benefits, implementation is not easy. Companies must first list all their existing non-human identities (NHI). This process often uncovers hundreds or even thousands of unmanaged identities hidden in their systems.
The next step is classification. Not all agents have the same level of risk. For example, a reporting bot is very different from an AI model that makes financial decisions. Setting priorities is key.
Finally, organizations need to add identity controls to their workflows without disrupting operations. This takes teamwork across IT, security, and business units, and many underestimate how challenging this can be.
But the alternatives are not sustainable. As autonomous systems grow, unmanaged identities will continue to increase, risking both security and complexity.
Strategic Consequences for Executives
Adopting Cisco Asterix signals a significant shift in enterprise strategy. AI is no longer a tool for productivity. It has become an operational layer that needs governance, oversight, and accountability.
Executives need to reconsider where they invest. Spending on AI agent security will increase, not just for defense, but to support scalable AI adoption. Budgets will shift toward identity management, observability, and compliance frameworks aligned with NIST AI 2.0.
This change also affects how organizations define success. It is no longer enough to launch AI systems quickly. They must also run securely, transparently, and within set policy limits.
A New Baseline for Autonomous Systems
Ghost agents used to flourish in space amid innovation and governance. Now that the gap is closing. With Cisco Astrix, companies get the tools to define, monitor, and control every autonomous identity in their systems.
The next stage of AI adoption will focus less on the number of agents and more on how well they are managed. As zero-trust principles permeate, every part of the infrastructure and agentic identity becomes standard, invisible, and unmanaged; AI agents will disappear.
What comes next is a more disciplined and accountable model. In this new approach, autonomy does not mean losing control, and AI agent security serves as the foundation for progressive innovation.
- Meta Title (60 characters)
- Meta Description (160 characters)
- SEO Tags (5)
Source: CISCO Newsroom
