The Identity Bill Comes Due: Cisco, ServiceNow Bet on Non-Human Auth

10 May 2026 · 7 min read · Marina Koval

The question every Head of Platform should be putting in front of their CFO this week is whether the identity stack they budgeted for in 2025 still maps to the workload that actually runs in production. It probably doesn't. In the last fortnight, Cisco announced its intent to buy Astrix Security, ServiceNow shipped a new governance product built on Armis and Veza, and XBOW closed another $35 million on top of an already-announced Series C. Three different bets, one shared thesis: the identity that matters now is the one that doesn't have a human attached to it.

For platform leads sitting on six- and seven-figure renewal cycles with their IAM and CNAPP vendors, this week reframed the buying conversation. The dashboard era of security tooling is closing. The agent era is opening, and the vendors are repositioning before the budgets do.

What Happened

Cisco announced its intent to acquire Astrix Security, a non-human identity company focused on API keys, service accounts, OAuth tokens and the credentials AI agents use to reach enterprise systems. Cisco plans to fold Astrix into Cisco Identity Intelligence and extend the capabilities into Secure Access and Duo, framing the deal as part of its push to secure what it calls the "agentic workforce."

ServiceNow took a different route on the same problem, launching Autonomous Security & Risk, a product that bundles Armis and Veza integrations into a single governance layer. Veza contributes visibility into human and non-human identities and the access relationships between them. Armis adds real-time asset intelligence across IT, OT, IoT, cloud workloads and connected devices.

XBOW, whose platform uses AI to continuously find and exploit application vulnerabilities, secured an additional $35 million from Accenture Ventures, DNX Ventures, Liberty Global Tech Ventures, NVentures, Samsung Ventures and SentinelOne S Ventures. That extends a previously announced $120 million round to $155 million total, with Samsung serving as a preferred reseller in South Korea.

Underneath all this, as MSSP Alert reported, Keeper's research found 89% of senior IT leaders are struggling to manage a growing identity footprint, with non-human identities the fastest-growing slice. Gigamon's data is bleaker still: AI is involved in 83% of reported breaches, and 65% of organizations were breached in the past year. MSPAlliance, meanwhile, added Service Lines to Cyber Verify so MSPs can map audited controls to the specific managed services they sell, and align those mappings with MSAs. Sysdig pushed CNAPP capabilities out of the dashboard and into AI coding agents, CLIs, plug-ins and MCP services.

Technical Anatomy

The structural shift here isn't a new threat model, it's a new principal. For two decades, identity systems were built around a human at a keyboard with an SSO session and a directory record. Service accounts existed, but they were tolerated rather than governed. SAML and OIDC carried the weight, and audit logs assumed a person on the other end.

What broke that assumption is the agent. An AI agent calling an internal API doesn't behave like a service account on a cron job, and it doesn't behave like a logged-in user either. It chains tool calls, persists OAuth tokens across sessions, invokes MCP services on behalf of multiple humans, and emits actions at machine cadence with human-shaped intent. The credential it holds, an API key, an OAuth refresh token, a workload identity, was designed for one of the two old worlds, not this hybrid one.

That's the gap Astrix sells into and the gap Veza models from a different angle. Astrix inventories the credentials and ties them to the workloads consuming them. Veza graphs the access relationships, mapping which identity (human or not) can reach which resource through which permission. Armis sits one layer down, telling you what's actually on the network and which device or workload is the real source of a given action. Stitch the three together and you get something close to provenance for an agent action: who instigated it, what credential carried it, what asset executed it, what data it touched.

Sysdig's headless move pushes the enforcement surface in the opposite direction, into the IDE, the CLI and the MCP service. The trade-off is real. You reduce context-switching and triage time, but you also distribute policy decisions across surfaces that historically had no audit obligation. If an agent invokes a remediation through a CLI plug-in, the question of who approved it, and whether the approval was logged with the same fidelity as a console action, becomes a control design problem, not a UX one. This is where frameworks like MITRE ATT&CK still struggle to model agent-mediated TTPs cleanly, and where OWASP categories around broken access control are quietly being rewritten in practice if not yet in print.

Who Gets Burned

Three groups are exposed in the next 90 days.

First, fintech and iGaming platform teams who built their identity stack around a single IDP and a CSPM tool. If 89% of senior IT leaders can't manage their identity footprint, the regulated verticals are worse, not better, because their service account sprawl is older and their audit obligations are heavier. A GC at a licensed operator should be asking the VP Eng this week whether the company can produce, on demand, a list of every non-human identity with access to player data or settlement systems, scoped by the credential type and the workload consuming it. If the answer involves a spreadsheet, the next regulator visit is going to be unpleasant.

Second, mid-market MSSPs and MSPs without a non-human identity story. Cisco is going to bundle Astrix into Duo and Secure Access, ServiceNow is going to bundle Veza and Armis into the workflow plane that finance and ops already live in. The MSP that sells a basic EDR plus SIEM stack is about to look thin next to a competitor whose Cyber Verify report maps controls directly to service lines and contractual obligations.

Third, vendors selling point CNAPP without an agent story. Sysdig's headless push is a tell. If your CNAPP only lives in a console, your renewal conversation in 2026 is going to be harder, because the buyer is going to ask why their developers should leave Cursor or Claude Code to use it. The unit economics of "another portal license" are getting worse the more agents enter the workflow.

The hiring market follows the budget. Expect non-human identity engineering to become its own JD line within twelve months, separate from IAM and separate from cloud security.

Playbook for Security Teams

Treat this as a procurement and architecture quarter, not a tooling-evaluation quarter.

Run a non-human identity inventory before the next board meeting. API keys, OAuth tokens, service accounts, workload identities, agent credentials. Tag each one with the workload it serves, the data scope it touches, and the human or system that owns its rotation. If you can't tag it, you can't govern it, and you certainly can't audit it. Cross-reference against the CISA KEV catalog for any exposed services those identities front.
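One way to run the tagging check described above, as an added example that is not from the original article or any vendor named in it. The record fields (`workload`, `data_scope`, `rotation_owner`), the scope names and the sample inventory are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed schema: the three tags the playbook asks for on every identity.
REQUIRED_TAGS = ("workload", "data_scope", "rotation_owner")

# Constructed sample inventory; in practice this is exported from your
# IdP, cloud IAM and secrets manager. All ids and names are hypothetical.
INVENTORY = [
    {"id": "nhi-001", "type": "api_key", "workload": "settlement-batch",
     "data_scope": ["settlement"], "rotation_owner": "payments-platform"},
    {"id": "nhi-002", "type": "oauth_token", "workload": "support-agent",
     "data_scope": ["player_data"], "rotation_owner": None},
    {"id": "nhi-003", "type": "service_account", "workload": None,
     "data_scope": [], "rotation_owner": "infra"},
    {"id": "nhi-004", "type": "agent_credential", "workload": "code-review-agent",
     "data_scope": ["source_code"], "rotation_owner": "devex"},
    {"id": "nhi-005", "type": "workload_identity", "workload": "kyc-service",
     "data_scope": ["player_data", "settlement"], "rotation_owner": "risk-eng"},
]

def missing_tags(record):
    """Return the required tags that are absent or empty on one record."""
    return [tag for tag in REQUIRED_TAGS if not record.get(tag)]

def ungoverned(inventory):
    """Map identity id -> missing tags for every record that cannot be governed."""
    return {r["id"]: m for r in inventory if (m := missing_tags(r))}

def regulated_access(inventory, scopes):
    """Group identities touching the given data scopes by (credential type, workload)."""
    report = defaultdict(list)
    for r in inventory:
        if set(r.get("data_scope") or []) & set(scopes):
            report[(r["type"], r.get("workload") or "UNTAGGED")].append(r["id"])
    return dict(report)

def audit_ready(inventory):
    """The regulated-access list is only complete when nothing is untagged:
    an identity with no data_scope tag may still reach regulated data."""
    return not ungoverned(inventory)

if __name__ == "__main__":
    print("Ungoverned:", ungoverned(INVENTORY))
    print("Regulated:", regulated_access(INVENTORY, {"player_data", "settlement"}))
    print("Audit ready:", audit_ready(INVENTORY))
```

The on-demand list is only trustworthy once `audit_ready` returns true; until then, every entry in `ungoverned` is an identity whose reach into regulated data is unknown rather than absent.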

Renegotiate, don't renew. If you have a Duo or Cisco Identity contract coming up, the Astrix integration is leverage. If you have a ServiceNow GRC footprint, Autonomous Security & Risk should be a line item in your next true-up conversation, not an upsell you accept at list. The vendors moved this month because they expect your budget to move next quarter. Make them earn the wallet share.

For MSPs specifically, look hard at the MSPAlliance Service Lines feature inside Cyber Verify. Mapping audited controls to specific service lines and MSAs is the kind of artifact that turns a compliance report from a marketing PDF into a contractual instrument. That changes how you defend pricing in renewal conversations with sophisticated clients.

Finally, on the offensive side, validate the AI-driven pen test thesis on a single application before signing an enterprise deal. XBOW's $155 million round signals durability, but the buying question is whether continuous, validated findings actually displace your existing point-in-time pen test budget or just add to it. The CFO will ask. Have the answer.

Key Takeaways

  • Non-human identity is now the dominant identity category for security buyers, with 89% of senior IT leaders struggling to manage their footprint per Keeper's research.
  • Cisco's Astrix acquisition and ServiceNow's Autonomous Security & Risk launch are the same bet from opposite ends of the stack: governance of the agentic workforce.
  • Headless security (Sysdig's CNAPP into AI agents, CLIs, MCP services) trades dashboard fatigue for distributed policy enforcement, and that trade needs explicit audit guardrails.
  • MSPs without a service-line-level compliance artifact, like MSPAlliance's new Cyber Verify feature, are about to lose pricing leverage to competitors who have one.
  • Teams evaluating identity tooling should now be asking whether their renewal contracts give them leverage on the agent layer, or whether they're locked into a 2024 stack at 2026 prices.

Frequently Asked Questions

Q: What is non-human identity security and why does it matter now?

Non-human identity refers to API keys, OAuth tokens, service accounts and the credentials AI agents and automated tooling use to access enterprise systems. It matters now because Keeper's research found 89% of senior IT leaders are struggling to manage a growing identity footprint, with non-human identities the fastest-growing slice. Traditional IAM tools were built for humans with SSO sessions, not for agents chaining tool calls at machine speed.

Q: How does Cisco's Astrix acquisition compare to ServiceNow's Autonomous Security & Risk?

Cisco is buying capability and folding it into existing identity products (Identity Intelligence, Secure Access, Duo), aimed at network and authentication buyers. ServiceNow is integrating Armis and Veza into its workflow plane, aimed at GRC and operations buyers. Both target the same governance gap around AI agents, but they sell to different budgets inside the same enterprise.

Q: Should security teams replace traditional pen testing with AI-driven platforms like XBOW?

Not yet, and probably not entirely. XBOW's platform uses AI to continuously find and exploit application vulnerabilities, giving validated findings rather than point-in-time results, and the company just closed $155 million in Series C funding to scale. The right move is to pilot it on a single application and measure whether continuous validated findings actually displace existing pen test spend or simply add to it before committing enterprise budget.

Marina Koval
RiverCore Analyst · Dublin, Ireland