CIS, Astrix & Cequence Announce Partnership to Secure AI Systems

The Center for Internet Security, Inc. (CIS®) has joined forces with Astrix Security and Cequence Security to launch a new strategic partnership aimed at developing cybersecurity guidance specifically designed for environments powered by artificial intelligence (AI) and agentic systems. As AI rapidly evolves and introduces new risks related to autonomous decision-making, API access, and automated threats, this collaboration seeks to fill an urgent security gap with actionable and structured best practices.

This initiative builds on the widely adopted CIS Critical Security Controls®, extending their long-standing security principles into the emerging domain of AI-driven ecosystems. The partnership’s first major output will be two companion guides. One will serve AI Agent Environments, offering instructions on securing the entire lifecycle of agentic systems. The other will focus on Model Context Protocol (MCP) environments, which are becoming increasingly important as AI systems integrate with tools, plugins, and external data sources.

MCP environments, in particular, create unique challenges for cybersecurity teams. They often involve uncontrolled data flows, credential exposure, unsecured local execution, and unapproved third-party interactions. When MCP agents, registries, and tools dynamically connect to enterprise applications, the attack surface expands dramatically. The planned guidance will help organizations establish targeted, practical safeguards tailored to this new reality.

Curtis Dukes, Executive Vice President and General Manager of Security Best Practices at CIS, highlighted the urgency of the effort, stating, “AI presents both tremendous opportunities and significant risks. By partnering with Astrix and Cequence, we are ensuring that organizations have the tools they need to adopt AI responsibly and securely.”

Astrix’s expertise will be instrumental in protecting AI agents, MCP servers, and the Non-Human Identities (NHIs) that enable them. These NHIs—including service accounts, OAuth tokens, and API keys—play critical roles in connecting AI systems to essential business applications but can be exploited if not properly governed. Jonathan Sander, Field CTO at Astrix Security, emphasized the duality of potential and risk, explaining, “AI agents and the non-human identities that power them bring great potential but also new risks… Through this partnership, we’re providing clear, practical guidance to keep AI ecosystems safe so organizations can innovate with confidence.”

Cequence Security will contribute its long-standing experience in API and application security, focusing on strengthening governance and visibility across agentic environments. Ameya Talwalkar, CEO of Cequence Security, underscored the importance of transparency and control, saying, “As organizations embrace agentic AI, trust hinges on visibility, governance, and control over what those agents can see and do to your applications and data.”

Together, CIS, Astrix, and Cequence aim to:

• Extend proven security frameworks into AI environments.

• Provide clear, prioritized, and actionable safeguards for secure AI adoption.

• Unite expertise from standards development, API defense, and application security to build stronger protections.

The new guidelines—expected to release in early 2026—will be accompanied by workshops, webinars, and additional educational resources. These efforts will help organizations implement recommendations effectively and build a shared understanding of how to secure AI systems. By establishing a common language and framework, the partnership hopes to enhance resilience, trust, and security across the rapidly growing AI ecosystem.

To join our expert panel discussions, reach out to info@intentamplify.com

Recommended News

• Akamai and Aptum Partner to Help Customers Scale in Cloud
• Broadcom Chooses Vectara for AI-Powered Customer Service
• Inorsa Unveils Site Intelligence and AI Assistant