Target: AXA Group (Euronext: CS)
Audit Phase: V-DIG (Digital Forensics / Technology Supply Chain)
Audit Date: 2025-05-01
Evidentiary Basis: All findings derive exclusively from the research memo dated 2025-05-01. Claims are drawn only from sources independently corroborated in that memo; no new research has been conducted. Where the memo explicitly tags a claim as [PLAUSIBLE-UNVERIFIED] or [REJECTED/UNSUPPORTED], this audit preserves those designations and does not treat the underlying claim as established fact. “No public evidence identified” is used where that is the memo’s evidence-based conclusion.
Check Point is confirmed as an institutionalised security standard within at least one AXA subsidiary. AXA Sigorta’s 2021 Annual Report documents that 100% of its target audience completed “Security Check Point Training,” establishing Check Point as an active, embedded network security standard within AXA’s Turkish operations.12 This is a named, stable public corporate document.
AXA XL separately cited Check Point Research data — specifically a reported 30% rise in cyberattacks during the COVID-19 period — in a 2020 risk advisory article, establishing an intelligence-consumption relationship with Check Point’s research output.13 This confirms AXA XL monitored and acted on Check Point’s threat intelligence; it does not by itself confirm a direct licensing or procurement contract at the AXA XL level.
The claim that Check Point functions as “the foundational pillar” of AXA’s global security architecture is not supported by any identified public source. Confirmed scope is limited to AXA Sigorta (Turkey, 2021). Global enterprise-wide Check Point deployment remains unconfirmed.
At the 2025 UK & Ireland CISO Community Executive Summit (Evanta/Gartner), the published agenda listed a joint session between Julia Weimer (Head of Solutions Engineering, Wiz) and Shaun Crawford (AXA Business Security Partner), titled “Collaboration into Action — Cloud Security Approaches to Secure Business Growth.”20 In enterprise technology norms, joint vendor-client presentations at CISO-level executive summits are a recognised indicator of an active deployment relationship rather than a prospective or exploratory one.
The precise scope of any AXA-Wiz deployment — which AXA business units are covered, which cloud environments are scanned, and what contractual terms govern data access — is not disclosed in any verified public source. No AXA-named Wiz customer case study or press release has been independently located. Active engagement is confirmed (2025); deployment scope is publicly unconfirmed.
Wiz is an Israeli-founded cloud security company, headquartered in New York with significant R&D in Israel. This is a verifiable matter of public record.
CyberArk publishes two anonymised insurance-sector case studies: one titled “Leading Insurance Company Accelerates And Secures Their Digital Transformation” (North American insurer, OpenShift, Secrets Manager)18 and one referencing Federated Insurance specifically.19 A prior research memo asserted the North American case study correlates to AXA; this claim has been assessed as unsupported — CyberArk’s case study does not name AXA, and Federated Insurance is a US mutual insurer not owned by AXA Group. AXA Group’s published security strategy articulates a “Defence in Depth” philosophy,21 which is a widely used industry framework and does not constitute evidence of a CyberArk-specific procurement relationship.
No public evidence identified of a direct, named AXA-CyberArk customer relationship in AXA filings, CyberArk named references, or trade press as of April 2026.
No public evidence identified. No AXA-SentinelOne named customer relationship, case study, press release, or procurement record has been identified. Inference from vendor-to-vendor integration partnerships between SentinelOne and Wiz16 and between SentinelOne and CyberArk17 — the chain of reasoning being that if AXA uses Wiz and CyberArk and those vendors integrate with SentinelOne, AXA therefore uses SentinelOne — constitutes an architectural inference, not evidence of procurement. This claim has been assessed as unsupported.
Verint Systems publishes a named case study for AXA confirming active deployment of the Verint Open Platform within AXA’s Retail division.1 This is one of the most substantively evidenced vendor relationships identified in this audit. Key documented facts from that case study:
The Verint Open Platform is cloud-hosted; Verint’s cloud infrastructure locations — including whether any processing occurs in Israeli data centres — are not specified in the AXA case study. A data processing agreement or Verint’s infrastructure documentation would be required to resolve this question.
Corporate background: Verint Systems (NASDAQ: VRNT) originated from Comverse Technology / Comverse Infosys, which developed lawful interception technology. Verint is headquartered in Melville, New York, with significant R&D operations in Israel. This is a verifiable matter of corporate record. The Verint relationship is assessed as operationally embedded in critical customer-facing infrastructure — not a peripheral deployment — given its coverage of 100% of calls in the AXA Retail contact centre function.
Publicis Sapient is documented as a digital transformation partner to AXA Partners (an AXA Group subsidiary). Interface Magazine published a case study describing Publicis Sapient’s application of its “SPEED” methodology to AXA Partners’ technology modernisation programme.22 Publicis Sapient holds a global partnership with Google Cloud.23 No public document confirms that Publicis Sapient specifically recommended or deployed Israeli-origin cybersecurity vendors as part of its AXA engagement; that inference has been assessed as unverified.
No public evidence identified of AXA deploying facial recognition, biometric identification, gait analysis, or comparable technologies from any Israeli-origin vendor, including AnyVision/Oosto, Trigo, BriefCam, or Trax. Prior research explicitly conceded the absence of direct evidence for such relationships; discussion of “indirect vectors” through bank branches or future insurtech ecosystems was assessed as speculative and unsupported. Source classes reviewed included vendor press releases and named customer lists, AXA annual reports, and trade press on insurer use of biometrics.
The most substantive identified deployment in this domain is Verint Desktop & Process Analytics, confirmed as active within AXA Retail’s contact centre.1 This module monitors agent desktop activity in real time, measures process adherence, and generates automated performance scoring through Verint’s Performance Scoring Bots.1 This constitutes a deployed workforce surveillance and productivity monitoring technology. The vendor is Israeli-headquartered with primary R&D in Israel.
Beyond this deployment, No public evidence identified of AXA deploying Israeli-origin predictive analytics, social media monitoring, or external sentiment surveillance tools.
No public evidence identified of AXA receiving Israeli-origin surveillance or biometric technology indirectly through managed security services or bundled enterprise suites, beyond the Verint deployment documented above.
AXA’s cloud strategy is built on two primary hyperscalers: Microsoft Azure and Amazon Web Services.
Microsoft Azure: Microsoft’s 2024 customer story confirms AXA developed an internal generative AI platform named “AXA Secure GPT,” built on the Azure OpenAI Service and providing access to OpenAI models for approximately 140,000 AXA employees within a private, secure environment.4 The case study references France Central as an Azure region for European data processing, consistent with GDPR data residency obligations. No public evidence indicates AXA’s data is routed through or hosted in Microsoft’s Israel Central Azure region.31
AWS: Zawya reported that AXA Gulf migrated the majority of its technology infrastructure to AWS.6 AXA Group and AWS jointly announced development of the “AXA Digital Commercial Platform” (DCP), described as a global B2B risk management and prevention platform.5 The specific AWS regions used by AXA Gulf — and whether any data processing touches the AWS Israel (Tel Aviv) Region — are not publicly documented beyond the general migration announcement.
No public evidence identified that AXA operates, leases, or co-locates data centre infrastructure within Israel.
Microsoft launched its “Israel Central” Azure cloud region to serve local customers and the Israeli government.31 AWS launched the AWS Israel (Tel Aviv) Region in 2023.26 Both developments are documented public facts about those cloud providers. No public evidence connects AXA’s cloud workloads to either of these Israel-located regions.
Microsoft and Google were jointly awarded the Project Nimbus contract to provide cloud infrastructure and AI services to the Israeli government and military. This is a documented public fact about those vendors.31 AXA is a customer and tenant of Microsoft Azure and AWS; it is not a party to the Project Nimbus contract. No public evidence identified that AXA participates in Project Nimbus or any Israeli government cloud initiative, directly or indirectly.
No public evidence identified that AXA provides services marketed or contracted to Israeli state institutions, military bodies, or government agencies for data sovereignty, infrastructure resilience, or cloud hosting purposes.
No public evidence identified of any contract, partnership, or service agreement between AXA Group and the Israeli Ministry of Defence, the Israel Defence Forces, or Israeli intelligence agencies.
No public evidence identified of AXA’s commercially deployed technology being reported, confirmed, or documented as repurposed for military, intelligence, or law enforcement surveillance within Israel or the occupied Palestinian territories.
Verint’s origins in lawful interception technology — traceable to Comverse Infosys — is a documented corporate history fact. It does not constitute evidence that AXA’s specific Verint deployment serves or has ever served dual-use surveillance purposes. AXA’s stated use case is contact centre quality management and operational efficiency within its Retail division.1
No public evidence identified. AXA is an insurance and financial services group. No involvement in offensive cyber capability development, zero-day exploit tooling, or digital weapons systems has been identified in any source.
AXA Secure GPT, built on Microsoft Azure OpenAI Service, is an internal productivity and knowledge management platform made available to approximately 140,000 AXA employees globally.4 It operates within a private, secured Azure environment. Azure’s AI safety tooling — including Azure Prompt Shields and Azure AI Content Safety — is available within this stack.35 No public evidence identified that AXA Secure GPT is accessible to, or has been contracted with, any Israeli state, military, or security body.
The Verint Da Vinci AI engine, as deployed by AXA Retail, processes AXA customer voice data for transcription and sentiment analysis, covering 100% of calls in the relevant business unit.1 Verint’s standard commercial model involves AI model refinement through customer data processing. No public document confirms or denies whether Verint’s Da Vinci AI models — trained on or refined with AXA customer data — are also deployed in non-commercial surveillance contexts by Verint or any downstream party. This question cannot be resolved from public sources alone.
No public evidence identified of AXA providing AI, machine learning, computer vision, or autonomous decision-support systems to Israeli state, military, or security bodies.
No public evidence identified that AXA’s own AI models or platforms have been trained on or have accessed civilian population data, intercepted communications, or surveillance-derived datasets from Israel or the occupied territories.
No public evidence identified. AXA has no documented involvement in autonomous weapons, lethal autonomous systems, or unmanned military platform development.
AXA operated “AXA Lab Israel” in Tel Aviv, referenced in AXA’s own corporate communications (approximately 2019) as part of its global innovation lab network and described as connecting AXA with “new economy players.”727 The lab’s existence circa 2019 is confirmed.
Current status is unconfirmed. AXA restructured its global innovation operations during 2020–2022 under its “Unleash” strategy. Whether AXA Lab Israel continued operating through this period and into 2024–2025 is not confirmed in any verifiable public source. No post-2020 source naming the lab as operational has been identified. This should be treated as confirmed pre-2020; current operational status unconfirmed with possible discontinuation.
Hub Security (May 2020): A PR Newswire press release confirmed that AXA Ventures (the prior name of AVP) led a $5 million Series A funding round in Hub Security, an Israeli cybersecurity startup. OurCrowd was a co-investor.2 Hub Security was founded by veterans of IDF intelligence units (Unit 8200 and Unit 81) — a matter of public record from Hub Security’s own corporate communications and press coverage. The company develops Hardware Security Modules (HSMs) and confidential computing infrastructure and markets its products using its founders’ military-intelligence background. Hub Security subsequently listed on Nasdaq via SPAC merger in 2023 and thereafter faced significant financial difficulties, including reported Nasdaq delisting notices. Whether AVP retains an active equity position or has written down the investment is not confirmed in public sources accessible from training data.28
Sayata Labs (2020): Reinsurance News confirmed AXA-backed Sayata Labs — a Tel Aviv-based commercial lines insurtech — launched with $6.5 million in funding.3 Elron Electronic Industries (an Israeli technology holding company) was a co-investor. Guillaume Borie, then CEO of AXA Next, was quoted: “With Sayata, we can both improve our risk selection, as well as advance our clients’ cybersecurity protection.”3 Sayata subsequently raised further rounds (Series B approximately 2022) and continues to operate as an insurtech platform focused on SME cyber insurance. Whether AXA maintains a current operational or equity relationship beyond the initial investment is not independently confirmed in public sources beyond the original 2020 announcement.
Contrast Security: AVP invested in Contrast Security’s $30 million Series C round.2428 Contrast Security is a US-based application security firm (Bethesda, Maryland), not an Israeli-origin company. It joined Wiz’s integration platform (WIN) as a launch partner.24 The inference that this investment “reinforces the Silicon Wadi ecosystem” is an editorial characterisation not supported by documented evidence.
No public evidence identified of patent co-development, licensing agreements, or collaborative IP arrangements between AXA and Israeli-domiciled research institutions (Technion, Hebrew University, Weizmann Institute). Source classes reviewed include patent databases, AXA annual reports, and Israeli university technology transfer office public announcements.
Ekō (formerly SumOfUs), 2024: The Ekō report “AXA: Investments in Israeli Banks Financing War Crimes” documents AXA’s equity shareholdings in Bank Hapoalim, Bank Leumi, and Israel Discount Bank, alleging that these banks finance Israeli settlement activity and military operations in Gaza.9 The report addresses AXA’s equity portfolio holdings, not its technology vendor relationships.
Profundo, 2024: The Profundo report “AXA’s Divestment from Israeli Banks” documents the timeline of AXA’s divestment from Israeli banking equities.8 It confirms that AXA divested from Bank Hapoalim, Bank Leumi, and Israel Discount Bank by mid-2024, and that AXA had previously divested from Elbit Systems — Israel’s largest listed defence contractor — by 2019.8 The report addresses financial holdings. No civil society report specifically auditing AXA’s technology vendor relationships with Israeli-origin software companies has been identified.
CNCD-11.11.11 “Don’t Buy into Occupation V” (November 2025): This report documents European corporate relationships with Israeli occupation.25 It is confirmed as a published NGO report. Whether it specifically addresses AXA’s technology vendor relationships — as distinct from financial and equity holdings — cannot be confirmed without live retrieval of the full text.
No public evidence identified of any NGO report specifically auditing AXA’s enterprise technology procurement relationships with Israeli-origin vendors (Check Point, Verint, Wiz, etc.) as a primary subject of investigation.
The BDS Movement has maintained a sustained named campaign — “AXA DIVEST” — against AXA Group.11 The publicly cited grounds are AXA’s equity investments in Bank Hapoalim, Bank Leumi, and Israel Discount Bank, and its previous holdings in Elbit Systems. The campaign is documented as having materially influenced AXA’s investment decisions: AXA divested from Elbit Systems by 2019 and from all three named Israeli banks by mid-2024.81011
The Irish Palestine Solidarity Campaign (IPSC) characterised AXA’s 2024 bank divestment as “a huge victory” for Palestinian solidarity activism.10 The BDS campaign page and supporting civil society reports focus uniformly on financial exposure, not on AXA’s enterprise software stack or technology supply chain.
A coalition described as “Stop AXA Assistance to Israeli Apartheid” is documented as the sustained civil society driver of AXA’s financial divestments.1011 No public evidence identified that this or any other civil society campaign specifically targets AXA’s technology procurement relationships with Israeli-origin vendors.
Ethical Consumer has listed AXA in the context of its Israeli financial investment exposure.30 The specific grounds and current status of that listing would require live retrieval to confirm.
No public evidence identified of regulatory inquiries, legal challenges, export control proceedings, or sanctions-related investigations involving AXA’s technology relationships with Israeli entities. Source classes reviewed include EU financial regulatory enforcement records, French AMF enforcement actions, US Treasury OFAC designation lists, export control databases, and parliamentary records in France and the United Kingdom. AXA is an insurance and financial services group, not a technology exporter, and no such proceedings are recorded in accessible public sources.
https://www.verint.com/case-studies/axa-reduces-average-handle-time-by-20-using-modern-connected-verint-open-platform/ ↩↩↩↩↩↩↩↩↩↩↩↩
https://www.prnewswire.com/il/news-releases/axa-ventures-leads-5-million-investment-in-next-generation-cybersecurity-startup-hub-security-301054886.html ↩
https://www.reinsurancene.ws/axa-backed-insurtech-sayata-labs-launches-with-6-5mn-in-funding/ ↩↩
https://www.microsoft.com/en/customers/story/1760377839901581759-axa-gie-azure-insurance-en-france ↩↩
https://www.axa.com/en/news/axa-and-aws-developping-first-global-b2b-risk-management-and-prevention-platform ↩
https://www.zawya.com/en/business/axa-shifts-to-aws-cloud-in-services-push-urztor0r ↩
https://www.axa.com/en/news/bringing-innovation-to-the-next-level ↩
https://profundo.nl/projects/axa-s-divestment-from-israeli-banks/ ↩↩↩
https://aks3.eko.org/images/AXA_investments_Israeli_banks_report_2024.pdf ↩
https://www.axasigorta.com.tr/media/t1/001/660/898/256/AXA-Sigorta-&-Emeklilik-Faaliyet-Raporu-2021-ENG-10052022.pdf ↩
https://axaxl.com/fast-fast-forward/articles/cybersecurity-risks-to-consider-when-the-workforce-returns-to-work ↩
https://www.checkpoint.com/press-releases/check-point-software-technologies-and-wiz-enter-strategic-partnership-to-deliver-end-to-end-cloud-security/ ↩
https://www.cyberark.com/press/cyberark-and-wiz-team-up-to-provide-complete-visibility-and-control-for-cloud-created-identities/ ↩
https://investors.sentinelone.com/press-releases/news-details/2023/SentinelOne-and-Wiz-Announce-Exclusive-Partnership-to-Deliver-End-to-End-Cloud-Security/default.aspx ↩
https://www.cyberark.com/press/cyberark-and-sentinelone-team-up-to-enable-step-change-in-endpoint-and-identity-security/ ↩
https://www.cyberark.com/customer-stories/north-american-insurance-company/ ↩
https://www.cyberark.com/customer-stories/us-insurance-firm/ ↩
https://www.evanta.com/ciso/uk/uk-ireland-ciso-executive-summit-7512 ↩
https://www.axa.com/stories/story-beyond-the-numbers-the-human-side-of-cyber-threats ↩
https://interface.media/blog/executiveinsights/axa-partners-digital-transformation-by-the-business-for-the-business/ ↩
https://www.publicissapient.com/news/publicis-sapient-announces-global-partnership-with-google ↩
https://www.prnewswire.com/news-releases/contrast-security-joins-the-wiz-integrations-win-platform-as-a-launch-partner-301848455.html ↩↩
https://www.cncd.be/IMG/pdf/2025-11-dbio-v-report.pdf ↩
https://aws.amazon.com/local/israel/ ↩
https://www.axa.com/en/about-us/innovation ↩
https://www.axa.com/en/insights/anticipating-the-future-of-cyber-attacks ↩
https://www.ethicalconsumer.org/ethicalcampaigns/boycotts ↩
https://www.datacenters.com/microsoft-azure-israel-central ↩↩↩
https://www.publicissapient.com/news/publicis-sapient-acquires-full-stake-in-publicis-sapient-ai-labs ↩
https://www.publicissapient.com/news/ps-acquires-practia ↩
https://www.axa.com/en/investor/financial-information/annual-report ↩
https://azure.microsoft.com/en-us/blog/enhance-ai-security-with-azure-prompt-shields-and-azure-ai-content-safety/ ↩
