5 Q’s with Balázs Scheidler, CEO of Axoflow

by David Kertai

The Center for Data Innovation recently spoke with Balázs Scheidler, CEO of Axoflow, a Connecticut-based cybersecurity company helping organizations move data securely across their online networks by improving how their existing security tools collect, process, and analyze data using a security data platform and AI tools. Scheidler discussed how Axoflow improves data quality before it reaches security analytics platforms by strengthening their threat detection capabilities and simplifying the management of growing data volumes.

David Kertai: What problem is Axoflow solving? 

Balázs Scheidler: Most organizations rely on platforms called Security Information and Event Management systems, or SIEMs, to monitor their networks for cyber threats. These systems analyze logs—the routine records that computers, applications, and devices generate about their activity—to identify suspicious behavior and alert security teams.

The problem is that SIEMs only work well when the data they receive is clean and consistent. In practice, organizations often send them huge volumes of messy or low-value logs. Different systems record events in different formats, and the data often contains redundant or incomplete information. When SIEMs receive this kind of input, they struggle to interpret it, which increases false alarms and can cause teams to miss real attacks.

Axoflow addresses this problem by inserting what we call a Security Data Layer between log sources and the SIEM. This software layer cleans, standardizes, and filters logs before they reach security tools, improving detection accuracy while reducing the amount of manual work security teams have to do. As part of the broader Axoflow platform, we also use AI models that learn from log patterns, optimize how data flows through existing security systems, and automate much of the ongoing pipeline maintenance.

Kertai: How do your AI models automate security procedures? 

Scheidler: Our supervised machine learning models—trained on labeled examples—maintain an evolving library of log “fingerprints” that recognize patterns and adapt automatically when vendors change log formats. The models act as assistants by analyzing sample logs, suggesting rules for interpreting data, and translating plain‑language instructions into pipeline configurations. This support frees engineers from repetitive, time‑consuming maintenance work so they can focus on higher‑value tasks like threat hunting and system design rather than continually rebuilding their data pipelines.

Kertai: How does Axoflow fit into the company’s existing networks? 

Scheidler: We integrate into existing environments by letting organizations redirect log sources through our security data layer and AI models, instead of sending them directly to the SIEM. We process that data in transit and then deliver it to the organization’s existing security tools, allowing companies to keep their current security stack unchanged.

For teams that want visibility without modifying their data pipelines, Axoflow provides AI agents that monitor existing log collectors. The platform supports both legacy and modern systems, including Windows event logs, Kubernetes environments, and cloud platforms. It also formats logs to match different SIEM requirements, which simplifies migrations and enables organizations to operate multiple SIEM platforms at the same time.

Kertai: Could you provide any real-world examples of your system in use? 

Scheidler: Yes, for example, a global industrial company sent two terabytes of data per day to the security analytics platform called Splunk, and our system eliminated redundant firewall logs and cut investigation times by more than 80 percent. Large U.S. healthcare systems that process over ten terabytes of logs daily report similar gains, as Axoflow identifies unnecessary data sources, reduces total volume by 25 percent, and lowers storage costs by 30 percent.

Government agencies that handle around twenty terabytes of data per day rely on Axoflow to detect malformed messages and routing issues. By pinpointing these problems in real time, Axoflow reduces troubleshooting efforts from hours to minutes and strengthens overall operational efficiency.

Kertai: What challenges does Axoflow face? 

Scheidler: One challenge we face is educating organizations about the real bottlenecks in security data management. For years, security teams have tried to control SIEM issues, such as high costs, slow performance, and missed detections, by reducing the amount of data they take in. But the deeper issue comes from how these systems are designed. Most platforms take in data first and attempt to filter it later, which increases costs and weakens detection.

We aim to highlight that organizations should clean and reduce data before taking it in. Our autonomous Security Data Layer is designed to optimize this process without constant manual intervention. As data volumes continue to grow, security teams must shift from manually managing pipelines to deploying systems that optimize themselves. That shift requires organizations to rethink how they govern and manage security data.
