Start with Identity
AI Identity

Astrix Security

Founded 2021Tel Aviv, IsraelPrivate (VC-backed)Score 4/5Evaluated 2026-06-19Website ↗

Capability scores

Methodology →
Authentication
3.5
SSO & Federation
3.0
Authorization
3.5
Lifecycle & Provisioning
4.0
MFA & Passwordless
2.5
Governance & Audit
4.5
Developer Experience
3.5
Deployment Flexibility
3.0
Pricing Transparency
2.5
Support & Ecosystem
3.5

Scored 0–5 against a published rubric. Independent analysis, no vendor sponsorship.

Overview

Most organizations have far more non-human identities (service accounts, API keys, OAuth tokens, secrets, and now AI agents) than human ones, and almost no one knows where they all live or what they can access. Astrix Security tackles that blind spot by discovering, inventorying, and risk-scoring these non-human identities across SaaS, cloud, and AI platforms. Founded in 2021 in Tel Aviv, it is positioned as a security and governance layer rather than an authentication system.

What it is good at

Astrix is strongest at discovery and posture management. It connects to your environments, surfaces over-permissioned or stale credentials, flags risky third-party OAuth grants, and now extends to AI agent and MCP-style connections. Governance and audit visibility are the clear strengths, scoring highest. For security teams that need to map sprawl across many SaaS and cloud systems quickly, the breadth of discovery is the draw.

Where it falls short

It is not an IdP, so authentication, SSO, and MFA are largely out of scope, and it leans on the systems it monitors for enforcement. Remediation is improving but still partly advisory. As with the whole non-human identity category, the tooling is young and best treated as a visibility and risk layer alongside existing IAM, not a replacement for it.

Pricing

No public pricing. Sold as an annual enterprise subscription, typically scoped by environment size and connected platforms. Expect a sales-led process and a proof of value before commitment. Model your footprint with the TCO calculator.

Best for, and who should look elsewhere

A fit for security teams that need visibility into service accounts, API keys, OAuth grants, and AI agent integrations across SaaS and cloud. Look elsewhere if you want a runtime workload IAM control plane like Aembit rather than discovery and posture, or need published pricing. Compare with Oasis Security, Token Security, and the AI identity category.

Bottom line

A solid choice for security teams that need to see and govern non-human and AI agent identities. Pair it with your existing IdP rather than expecting it to authenticate anything.

By SWI Community Team · Last evaluated 2026-06-19

Independent, community-driven analysis. No vendor sponsorship. Compiled from public research and community input and verified on a best-effort basis, so details may be incomplete or out of date. Scores are opinions, not advice. Trademarks belong to their owners; mention does not imply affiliation or endorsement. See the full disclaimer, or send corrections to community@startwithidentity.com.