Infoblox to acquire Axur to scale AI-led protection against phishing and brand abuse

Infoblox, a provider of hybrid and multi-cloud networking and preemptive security, has entered into a definitive agreement to acquire Axur, an AI-powered external threat protection company, as it looks to strengthen defences against phishing, impersonation and fraud that increasingly originate beyond traditional network perimeters.

The transaction is subject to regulatory approvals and customary closing conditions, and is expected to close in Spring 2026. Infoblox and Axur will continue to operate independently until the deal is completed.

Infoblox said the acquisition will broaden its preemptive security strategy to better address brand abuse, fraud, data and credential theft, and other external digital threats that can surface on fake websites, social platforms, app stores and search ads, before they reach users or enterprise environments.

“Many modern attacks now start outside the traditional network, on fake websites, social platforms, app stores and search ads,” said Scott Harrell, president and CEO of Infoblox. “That’s why security teams are moving beyond their perimeter, focusing on seeing what’s exposed and reducing risk before a breach. Axur extends our preemptive security offering by giving customers the ability to see and stop these threats earlier with rapid, AI-powered detection and takedowns that disrupt malicious infrastructure before it can be weaponised.”

The announcement comes as security teams face a growing volume of AI-enabled social engineering campaigns, where threat actors use automation to scale convincing phishing, impersonation and fraud operations. Infoblox positioned the deal as a response to the need for earlier visibility and faster disruption of malicious infrastructure outside the corporate boundary.

Axur’s platform uses AI to automate external threat discovery, validation, takedown and ongoing monitoring aimed at preventing threats from returning. The company said it can notify new phishing detections for takedown in under four minutes and achieves nearly 99% takedown success rates.

Infoblox said combining Axur’s takedown capabilities with its own approach to “preemptive security” would allow organisations to block communication with malicious infrastructure at the DNS layer while takedowns are in progress, helping reduce median attack uptime to hours rather than days. The combined offering will also use network-level asset and IP attribution to help teams identify ownership of infrastructure and remediate risk more quickly, the company said.

Together, the companies said the combined approach will focus on three areas: detecting external threats earlier, including phishing sites, social media and messaging fraud, fake mobile apps and leaked credentials; disrupting malicious infrastructure faster through automated workflows; and protecting brands, executives, customers and end users with less operational effort by reducing manual investigation and response.

“Axur was built to help organisations keep pace with attackers through automation, transparency and measurable outcomes,” said Fabio Ramos, CEO of Axur. “Joining Infoblox allows us to scale these capabilities globally and enhance external threat disruption with deeper network and security context, delivering a more preemptive approach to protection.”

The deal also reflects broader consolidation in cybersecurity as platform vendors push to bring external threat discovery and takedown into the same security stack as network-layer controls. For enterprise buyers, that can reduce dependence on multiple point tools while raising the bar on speed, automation and measurable disruption, particularly as AI-driven phishing and impersonation campaigns scale.

Legal advisers on the deal include Hogan Lovells and Levy & Salomão Advogados for Infoblox, and Bronstein, Zilberberg, Chueiri & Potenza Advogados and Cooley for Axur. Stifel is acting as financial adviser to Axur.