Partnership combines standards, agentic AI enablement, and security controls to help enterprises innovateresponsibly with AIDubai, UAE., Dec. 4, 2025 — The Center for Internet Security, Inc. (CIS®), Astrix Security, and CequenceSecurity today announced a strategic partnership to develop new cybersecurity guidance tailored to theunique risks of artificial intelligence (AI) and agentic systems.This collaborative initiative builds on the globally-recognized CIS Critical Security Controls® (CISControls®), extending its principles into AI environments where autonomous decision‑making, tool and APIaccess, and automated threats introduce new challenges. The intent of the partnership includes initiallydeveloping two CIS Controls companion guides: one for AI Agent Environments, which will focus onsecuring the agent system lifecycle; the other for Model Context Protocol (MCP) environments.MCP environments introduce unique risks, including credential exposure, ungoverned local execution,unapproved third‑party connections, and uncontrolled data flows between models and tools. Together,these guides will provide targeted safeguards for organizations operating in environments where MCPagents, tools, and registries interact dynamically with enterprise systems.“AI presents both tremendous opportunities and significant risks,” said Curtis Dukes, Executive VicePresident and General Manager of Security Best Practices at CIS. “By partnering with Astrix andCequence, we are ensuring that organizations have the tools they need to adopt AI responsibly andsecurely.”Astrix’s contribution centers on securing AI agents, MCP servers, and the Non‑Human Identities (NHIs),such as API keys, service accounts, and OAuth tokens, that link them to critical systems.“AI agents and the non‑human identities that power them bring great potential but also new risks,” saidJonathan Sander, Field CTO of Astrix Security. “Our focus is helping enterprises discover, secure, anddeploy AI agents responsibly, with the confidence to scale. Through this partnership, we’re providing clear,practical guidance to keep AI ecosystems safe so organizations can innovate with confidence.”Cequence brings years of enterprise application and API security experience to agentic AI enablementand security.“As organizations embrace agentic AI, trust hinges on visibility, governance, and control over what thoseagents can see and do to your applications and data,” said Ameya Talwalkar, CEO of Cequence Security.“Security is strongest through collaboration, and this partnership gives organizations clear guidance toadopt AI safely and securely.”How the Partnership Supports Organizations
2• Extends trusted cybersecurity frameworks into AI environments, addressing risks from autonomoussystems and integrations.• Delivers clear, prioritized safeguards that guide enterprises toward secure and responsible AIadoption.• Combines expertise across standards, API security, and application defense to providecomprehensive protection.The new guidance is scheduled for release in early 2026, accompanied by workshops, webinars, andsupporting resources delivered jointly by CIS, Astrix, and Cequence. Together, the organizations aim tohelp enterprises translate recommendations into practice while building a stronger foundation of trust,transparency, and resilience across the AI ecosystem. By working from a shared framework, enterprises,vendors, and security leaders can align on a common language for securing AI environments.###About CISThe Center for Internet Security, Inc. (CIS) makes the connected world a safer place for people,businesses, and governments through our core competencies of collaboration and innovation. We are acommunity-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks®guidelines, globally recognized best practices for securing IT systems and data. We lead a globalcommunity of IT professionals to continuously evolve these standards and provide products and servicesto proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State InformationSharing and Analysis Center® (MS-ISAC®) organization, the trusted resource for cyber threat prevention,protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, andthe Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®) organization, whichsupports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visitcisecurity.org or follow us on X: @CISecurity.About Astrix SecurityAstrix secures the full lifecycle of AI agents and the Non-Human Identities (NHIs) that power them,extending traditional IAM to govern the modern AI attack surface. While agents and other NHIs outnumberhumans 100:1, they remain under the radar, creating the biggest blind spot in our identity perimeter. Astrixprovides a unified solution for continuous discovery of all AI agents and NHIs, security and remediation ofexcessive privileges, protection against real-time threats, and responsible adoption of new agents with’secure by design’ guardrails like agentic just-in-time access. This enables enterprises to adopt AIresponsibly while accelerating productivity. Astrix is trusted by leading organizations including Workday,NetApp, Priceline, Figma, HubSpot, Workato, and many more. To learn more, visit https://astrix.security/.About Cequence SecurityCequence is a pioneer in API security and bot management, making the applications and APIs thatorganizations depend on AI-ready while protecting them from attacks, business logic abuse, and fraud.Our unique solutions unlock the promise of agentic AI productivity while providing real-time securityagainst increasingly subtle and sophisticated threats. Cequence delivers value in minutes rather than days
3or weeks with a highly scalable no-code, no-risk approach. Trusted by the largest and most demandingprivate and public sector organizations, Cequence protects more than 10 billion daily API interactions and4 billion user accounts. To learn more, visit www.cequence.ai.
CIS, Astrix, and Cequence Unite to Deliver Actionable Guidance for Securing AI Environments
