Cisco is reportedly in negotiations to acquire US-based cyber asset management specialist Axonius for $2BN, the latest deal indicating how deeply enterprise security is becoming intertwined with customer experience strategy.
The potential deal, reported by Calcalist, would strengthen Cisco’s expanding enterprise security portfolio, and comes during a period of increased M&A activity, including ServiceNow’s recent acquisition of Armis.
Like Armis, Axonius was founded by former IDF intelligence veterans. Its platform creates a centralized inventory of all the devices, applications, cloud assets and user accounts that connect to an enterprise’s network and correlates data from existing security and IT tools so that they can have a “single source of truth” to manage network access.
As enterprises manage omnichannel customer interactions at scale, every digital touchpoint from contact center applications to mobile app backend and customer data platforms relies on assets that must be continuously monitored and secured. Gaps in visibility can expose sensitive customer data and disrupt service continuity.
Axonius’s technology integrates with more than 300 security and management solutions. It is designed to be deployed quickly so that enterprises can identify missing controls and automatically enforce security policies. That automation translates into reduced downtime, fewer incidents that affect customers and faster remediation if an incident does happen.
In October 2025, Axonius expanded its platform with a series of AI-driven enhancements designed to help security teams move faster from insight to action. The company introduced Axonius AI alongside major updates to Axonius Asset Cloud and the launch of Axonius for Healthcare. New features include automated inventory classification, business unit and owner identification and non-human identity classification. The healthcare-specific features are available now and expanded AI capabilities will reach general availability in the first half of 2026.
Axonius has raised roughly $700MN to date from investors including Accel, Silver Lake, Bessemer Venture Partners, Iconiq Capital and Alkeon Capital. In July last year, it acquired Cynerio, a cybersecurity firm specializing in protecting medical devices in hospitals, a sector where security failures have direct, real-world customer and patient consequences.
Despite the report, Axonius denied that it’s in takeover negotiations, stating: “Axonius is not in talks to be acquired by Cisco. Our strategy is to build a durable, independent company. We are focused on execution, serving our customers, and continuing our growth. That is where our attention is.”
But while the company rejected the idea publicly, as Zeus Kerravala, Principal Analyst, ZK Research told CX Today:
“Generally when there is smoke there is fire.”
A potential sticking point is the valuation.
“A sale of $2B would be a bit of a surprise as the last valuation for the company was $2.6BN so that’s perhaps a starting point.”
Whether or not a deal materializes, the strategic logic behind Cisco acquiring the company is clear. The vendor has been steadily expanding its security footprint, making several security-related acquisitions in 2024, including its $28BN takeover of Splunk, as well as buys of Isovalent, DeepFactor and Robust Intelligence. In early 2025, Cisco added SnapAttack, and most recently in August 2025 it acquired Aura Asset Intelligence, formerly Discovered Intelligence, to reinforce its focus on asset visibility.
Why Security Visibility Is Now Critical to Every Customer Experience
As customer journeys increasingly span cloud platforms, SaaS tools, employee devices, connected products and third-party systems, any blind spot in security can quickly become a customer-facing failure, from service outages and data exposure to compliance breaches.
By embedding intelligence into platforms that orchestrate work and customer interactions, vendors are responding to the growing number of high-profile security breaches exposing customer data and acknowledging the reality that if security isn’t solid, the customer experience falls apart fast.
ServiceNow has positioned security and operational resilience as essential to digital workflows and service delivery. Cisco appears to be doing the same.
“The rumored interest in acquiring Axonius does mirror ServiceNow’s recent acquisition of Armis in that both deals center on asset visibility as a foundational security capability,” Kerravala said. “Armis and Axonius each provide deep visibility into managed and unmanaged assets across IT, IoT, and OT environments—areas where enterprises increasingly lack control and insight.”
“In ServiceNow’s case, Armis significantly expands its security and risk platform by embedding real-time asset intelligence into AI-driven workflows. A Cisco/Axonius deal would follow a similar logic: adding a best-in-class asset intelligence layer to strengthen Cisco’s broader networking and security platform rather than simply buying another point product.”
In 2026, the attack surface facing enterprises is set to expand even further. Beyond laptops and mobile phones, networks will increasingly connect assets that directly support customer-facing operations that often operate outside traditional IT controls, making them harder to track and secure.
“The interest in asset visibility is well timed as the number of connected devices continues to grow with more coming,” Kerravala said.
“In every keynote from Nvidia last year, the company talked extensively as to how the next wave of AI will be physical AI, that is connecting robots, autonomous machines and more. Protecting these requires an understanding of what’s connected and their behavior and that’s what Armis and Axonius do.”
Without comprehensive visibility and automated enforcement, each new device introduces a potential blind spot and an opportunity for attackers to penetrate networks, disrupt services, or access sensitive customer data. Acquisitions are the fastest way for large vendors to gain the unified security capabilities their customers need at scale, prioritizing integration, automation and exposure management over standalone tools.
