Infoblox to buy Axur to bolster AI-powered threat defence

Infoblox has agreed to acquire Axur, an external threat and brand protection security provider that uses artificial intelligence for detection and takedowns of phishing and impersonation activity.

The companies said they had signed a definitive agreement. They said the deal remained subject to regulatory approvals and other closing conditions. Infoblox said it expected the transaction to close in Spring 2026.

Infoblox said the acquisition would expand its pre-emptive security strategy. It highlighted brand abuse, fraud, data theft and credential theft as key areas. It also pointed to a broader set of "external digital threats" that sit outside the traditional network perimeter.

Axur focuses on threats across public internet infrastructure and consumer-facing channels. Infoblox said modern attacks increasingly begin on fake websites, social platforms, app stores and search advertising. It positioned the deal as a response to attackers using AI to scale phishing, impersonation and fraud campaigns.

The companies also drew attention to info stealer activity. Infoblox said data and credential theft, described as "info stealers", had risen in Australia, with thousands of victims in recent months.

Axur platform

Axur said it uses AI to automate external threat discovery, validation, takedown and ongoing monitoring. It said the monitoring prevents threats from returning. It said it could detect new phishing activity in under four minutes and achieve nearly 99 percent takedown success rates.

Infoblox said the combined offering would blend Axur's takedown processes with Infoblox's network security controls. It referenced controls at the Domain Name System layer. It said organisations could block communication with malicious infrastructure while takedowns remain in progress.

Infoblox said this approach reduced median attack uptime to hours rather than days. It also referenced "network-level asset and IP attribution". It said this would allow teams to identify ownership and remediate risk.

Perimeter shift

Infoblox said it viewed the market as moving away from a perimeter-led security model. It said security teams were increasingly tracking exposed assets and risks outside the enterprise network.

"Many modern attacks now start outside the traditional network, on fake websites, social platforms, app stores and search ads," said Scott Harrell, President and CEO, Infoblox.

"That's why security teams are moving beyond their perimeter, focusing on seeing what's exposed and reducing risk before a breach. Axur extends our preemptive security offering by giving customers the ability to see and stop these threats earlier with rapid, AI-powered detection and takedowns that disrupt malicious infrastructure before it can be weaponised," said Scott Harrell, President and CEO, Infoblox.

Operational plans

The companies said Infoblox and Axur would continue to operate independently until the transaction closes. They also said they would provide additional details after completion.

Axur said the combination would expand its reach and connect its work with network and security data from Infoblox.

"Axur was built to help organisations keep pace with attackers through automation, transparency and measurable outcomes," said Fabio Ramos, CEO, Axur. "Joining Infoblox allows us to scale these capabilities globally and enhance external threat disruption with deeper network and security context, delivering a more preemptive approach to protection," said Ramos.

Infoblox did not disclose financial terms of the agreement.