Infoblox has announced it will acquire Axur, a specialist in AI-powered external threat protection, as organisations increasingly confront attacks that originate outside the traditional network perimeter.
Under the definitive agreement, Infoblox will integrate Axur’s capabilities into its preemptive security strategy to better address brand abuse, phishing, fraud, and large-scale data and credential theft. The move comes amid a sharp rise in so-called “info stealer” activity, with thousands of Australian users affected by credential theft in recent months.
The acquisition reflects a broader shift in security strategy as attackers use AI to scale phishing, impersonation and fraud across fake websites, social platforms, mobile app stores and search advertising. These threats often mature well before they touch corporate infrastructure, leaving perimeter-focused controls blind to early stages of an attack.
Axur’s platform uses AI to automate the discovery, validation and takedown of external threats, including phishing domains, impersonation campaigns and rogue applications. The company claims it can detect new phishing activity in under four minutes and achieve takedown success rates approaching 99%, with continuous monitoring to prevent threats from reappearing.
Infoblox said combining Axur’s external threat intelligence with its own DNS-layer enforcement enables a more proactive response model. While takedowns are in progress, organisations can immediately block communication with malicious infrastructure at the network level, reducing attack dwell time from days to hours. Network-level asset attribution can also help security teams identify ownership and remediate exposed assets more quickly.
Infoblox president and CEO Scott Harrell (pictured) said modern attacks increasingly begin outside the enterprise, making early visibility and disruption essential. He said the Axur acquisition extends Infoblox’s ability to detect and neutralise threats before they are weaponised, rather than reacting after credentials are stolen or brands are abused.
For CISOs, the combined capabilities are positioned to support three core risk priorities: earlier detection of external threats before users are targeted, faster disruption of malicious infrastructure through automation, and reduced operational burden on security teams managing large-scale impersonation and fraud campaigns.
Axur CEO Fabio Ramos said joining Infoblox allows the company to scale its automation-driven approach globally, combining external threat disruption with deeper network and security context to deliver a more preemptive model of defence.
Infoblox and Axur will continue to operate independently until the transaction closes, which is expected in spring 2026, subject to regulatory approvals and customary closing conditions.
