Threat Intelligence.

Cyber Threat Assessment

Cybercrime is an industry, and it’s thriving.


As technologies evolve and geo-political narratives unfold, the capabilities and motivations of globalised threat actors have become relevant to a wider array of businesses.

Threat actors are often nameless and faceless at the point of attack, and their actions and intent may not be immediately visible.

Even once they're identified, the experience of cybercrime can feel abstract and shapeless. A lack of concrete information may lead to reactive and unfocused security policies that consume valuable budget without improving resiliency or addressing real risk.

The solution is not simply to build a bigger wall. The solution is to understand your threats and risks and take specific actions to mitigate them to improve security overall. It's about becoming as targeted and intelligence-driven in your defences as cyber criminals are in their attacks.

Contact Us

Using the application of conventional intelligence methodologies by certified intelligence professionals, it is possible to anticipate and respond to this new breed of specific threats and targeted attacks.

Our CREST STAR accredited Cyber Threat Assessment helps organisations more clearly understand their unique cyber security threat profile, in order to take specific actions to mitigate them individually.

The Assessment

The Cyber Threat Intelligence Assessment is composed of two parts: Targetable Intelligence and Threat Intelligence.

Threat Intelligence

We perform intelligence collection and threat analysis on your Attack Landscape - the people and groups that may feasibly possess the motive and means to carry out an attack.

We then draw together the Attack Surface and the Attack Landscape to create attack scenarios based on your critical assets, your infrastructure and the TTPs used by the most likely threat actors.

Targetable Intelligence

We begin with a combination of collaborative workshops to identify potential targets within your infrastructure, such as the location of sensitive data, mission critical applications, and key staff members. We then collect intelligence on the target assets, infrastructure and their surrounding digital footprint, which cumulatively represents your Attack Surface.

threat intelligence report

Threat Intelligence Report

The strategic level security assessment and analytical methodologies used to create the tactical level simulated attack scenarios. Each scenario is supported by detailed profiling of the associated threat actor.

Targetting Annex

Targeting Annex Report

The exploitable information and security intelligence we recover on your digital footprint with assessment of the potential consequences of these findings.

Global intelligence-led testing frameworks


Security Alliance actively contributes to, and participates in, the following frameworks.

Global cross-industry Cyber Threat and Resiliency Assessment framework.

Intelligence-led simulated attack programme from The Hong Kong Monetary Authority.

CREST industry body led Simulated Testing and Response framework, global and cross-industry.

As above but specifically for Financial Services

Bank of England intelligence-led simulated attack framework for the financial sector.

European Financial Services Threat Intelligence Based Ethical Red-teaming framework.

UK Government intelligence-led security testing and cyber resiliency programme.

UK Telecommunications intelligence-led security testing and cyber resiliency programme.