Axe Group Scales Cloud Innovation and Security with CrowdStrike

Sydney-based Axe Group builds cutting-edge software that helps life insurers cross Australia and New Zealand stay ahead of the market. Its flagship solution, Axe Flow is a modular SaaS platform that processes more than AU$7 billion in policies and claims each year, delivering agility and speed to leading insurers and reinsurers.

With its platform running on AWS infrastructure, Axe’s success depends on availability, data protection, and regulatory compliance. But maintaining that security posture with a lean team was challenging.

“Before CrowdStrike, we had limited visibility and no ability to stop threats in real time,” said Gaurav Verma, Head of IT Risk and Security. “We relied on native cloud tools that generated a flood of false positives and offered no context or prioritization.”

After evaluating several endpoint protection providers, Axe selected CrowdStrike for its AI-native Falcon® platform and fully managed detection and response service.

“In the first year, we deployed CrowdStrike on endpoints,” said Verma. “The results were so strong that we extended protection to our cloud infrastructure.”

With CrowdStrike Falcon® Complete Next-Gen MDR, Axe offloaded Level 1 and Level 2 security operations to CrowdStrike experts, freeing its in-house team to focus on governance, risk, and strategy.

“The Falcon Complete team reduced endpoint alerts to one or two per month and cloud alerts to only a few per week,” Verma said. “That time savings let us focus on higher-value work like compliance and policy development, such as our AI usage policy.”

Axe’s red team validated those results firsthand.

“In a recent penetration test, the attacker couldn’t establish a command-and-control connection … it was blocked on the fly by Falcon,” Verma recalled. “Within minutes, CrowdStrike called to confirm the event. They didn’t even know it was a test, the response was that fast.”

As Axe’s developers rapidly built and deployed new workloads, the security team struggled to track shadow IT activity: servers spun up in AWS without proper controls.

CrowdStrike Falcon® Cloud Security changed that. The solution now provides unified visibility and protection across Axe’s cloud footprint, automatically scaling as new instances are created.

“We can see exactly what services are running in Kubernetes,” Verma said. “If something is malicious, it’s blocked immediately by CrowdStrike. 90% of alerts are resolved automatically, so we rarely have to step in.”

Falcon Cloud Security also simplifies compliance. Its posture management capabilities automatically assess configurations against CIS and NIST benchmarks, accelerating audits for PCI DSS and SOC 2 Type II certifications.

“With a single click on the Falcon dashboard, I can confirm compliance,” Verma said. “It saves time and removes manual coordination with DevOps.”

Axe’s developers also use the CrowdStrike Security for Jenkins plugin to identify vulnerabilities early — “shifting left” in the development process. Every deployment includes a Falcon screenshot confirming a clean security assessment before approval.

“If a developer accidentally leaves an S3 bucket public or an EC2 security group open, CrowdStrike alerts us instantly,” Verma said. “It’s full visibility and accountability across teams.”

To further reduce noise and accelerate response, Axe adopted CrowdStrike Falcon® Next-Gen SIEM, managed by CrowdStrike and tightly integrated with Axe’s existing Falcon deployment.

“We started ingesting data from multiple sources and immediately saw value,” Verma said. “Because Falcon data is native to the platform, we only pay to ingest third-party sources.”

Axe streams high-value logs from tools such as Zscaler, Cloudflare, and AWS into Falcon Next-Gen SIEM. Combined with CrowdStrike Falcon® Fusion SOAR, Axe automates common workflows — resetting passwords when compromised credentials are detected, enforcing MFA after brute-force activity, and suppressing false-positive login noise.

“With managed Falcon Next-Gen SIEM, we don’t waste time triaging every alert,” Verma said. “CrowdStrike prioritizes what matters and calls us on critical events. Day to day, I spend five to ten minutes reviewing summaries instead of hours digging.”

Custom dashboards in Falcon Next-Gen SIEM provide real-time visibility for Axe’s security leadership and assurance for regulated customers.

“The dashboards give us the analytics we need to brief stakeholders and prove we’re protected,” Verma said. “We even flagged a potential DDoS pattern by correlating Cloudflare telemetry … everything is connected.”

Axe is growing rapidly, with infrastructure expected to expand by 40–50% in the coming years. Falcon Complete Next-Gen MDR ensures that security operations scale seamlessly without increasing headcount.

“Falcon Complete delivers 24/7/365 monitoring, blocking, and response,” Verma said. “Hiring a full SOC would cost at least ten times more. CrowdStrike represents exceptional value.”

The company is advancing its Zero Trust security model, guided by the principle of least privilege (POLP), and continues to rely on CrowdStrike for both technology and expertise.

“CrowdStrike’s support is exceptional,” Verma concluded. “They’re always accessible for technical or non-technical issues, it doesn’t matter. With CrowdStrike, we have confidence to innovate securely at scale.”