AI at Axiom Cyber
The AI behind ThreatTrace and our forthcoming CerberusNode platform
Privacy-first by design. Honest about what AI can and can't do. Built on principles, not hype.
AI Products We're Building
From consumer mobile protection to enterprise detection-and-response, with the platform infrastructure that ties it all together.
ThreatTrace
Launching late May 2026On-device machine learning that detects mobile threats without sending your data to the cloud. Network, application, hardware-proximity, configuration, and identity coverage — all running locally on your phone by default.
Learn more →CrowdScore (opt-in)
In developmentMulti-model cloud analysis available only with your explicit consent. When you choose to share a suspicious artifact, multiple AI models analyze it together for higher-confidence verdicts than any single model produces alone.
CerberusNode
In design — pilots plannedOur Total Detection and Response (TDR) platform for organizations. AI augments analysts at every step. AI never makes the kill decision alone; deterministic policy owns the microsecond outcome.
Learn more →PrometheusCore
In developmentPredictive threat analysis. Identifies attack patterns before they fully execute so your team can act on suspected threats with the confidence to block, rather than wait for full detonation.
Learn more →CyberSec MCP Server
In developmentTools for your security analysts to work alongside AI assistants. IOC enrichment, threat-intel lookups, log analysis, MITRE ATT&CK mapping — all accessible to your AI through a standard interface.
Learn more →Thoth (Multi-LLM AI Router)
In developmentWhen one model isn't enough. Routes security workflows across multiple AI providers and our own fine-tuned models, picking the best response for each task. Built-in fallback and provider redundancy.
Learn more →AI Model Manager
In developmentGovernance for the models running in your environment. Version tracking, performance monitoring, and policy enforcement for both cloud and on-device AI. Know what's running, where it's running, and what it's allowed to do.
Learn more →LLM Red-Team Framework
In designAdversarial testing for AI systems. We stress-test our own models — and our customers' — for prompt injection, jailbreak attempts, model evasion, and data leakage before they reach production.
How We Use AI
Five principles we apply to every AI feature we ship.
On-device by default
Your most sensitive analysis happens on your phone, not in our cloud. ThreatTrace ships fully on-device for users who never enable telemetry — and that's the default state, not a setting you have to hunt for.
Cloud analysis is opt-in
When you want the power of multi-model cloud inference, you turn it on. We never assume consent. Opt-in is explicit, reversible, and visible — and we tell you exactly what data leaves the device when you enable it.
AI is a signal, not the decision
Critical security decisions — block, allow, kill — happen through deterministic policy. AI provides additional context to support those decisions, but never gets the final vote on whether something dangerous happens on your device.
Honest about what we did
When we say a threat was prevented, we mean it was stopped before damage. When the outcome is ambiguous, we say so. We use a precise vocabulary — prevented, interrupted, detected, contained, remediated — instead of marketing words that overstate the actual security event.
Adversarially tested
Every AI feature is stress-tested against prompt injection, model evasion, and data leakage attempts before it reaches production. We red-team our own models with the same framework we offer to customers.