Human factors security & intelligence

Every attack begins and ends with a human

We help organisations understand, assess, and address human behavioural risk. The threats that don't show up on your SIEM.

Get in touch See our work ↓
Patterns
Scroll
We map patterns, not people

"We apply the same analytical rigour used to track nation-state hackers to the human side of risk."

Insider threats don't come out of nowhere, there are patterns before the incident. Social engineering works because it exploits predictable human responses. Coercion and manipulation follow signatures, just like malware.

We make these patterns visible. Once you can see them, you can do something about them.

This isn't surveillance. It's not profiling individuals. It's understanding how harmful behaviours operate, the tactics, the techniques and the behaviours so you can recognise them, prevent them, and respond to them.

The shape of our work depends
on your problem

We work across multiple domains, but every engagement starts with the same question: what's the human behaviour you're trying to understand? Not who are you trying to profile.

01

Intelligence

Structured intelligence on human behavioural threats. Indicator libraries, threat assessments, STIX-formatted feeds. Intelligence you can operationalise, not a report that sits on a shelf.

02

Advisory

Retainers, strategic guidance, second opinions. A thinking partner with deep expertise in human behavioural risk. Sounding board access when situations arise.

03

Exercises & Training

Tabletop exercises for human threats. Training for security teams, HR, legal, frontline staff. Capability building so your team can apply these concepts themselves.

04

Investigations & Expert Opinion

Human factors analysis for workplace investigations. Expert reports for legal proceedings. Litigation support and testimony. Rigorous analysis that stands up to scrutiny.

05

Assessments

Human factors security assessments. Insider threat program maturity reviews. Security culture analysis. A clear picture of your posture and what to do about it.

Where our methodology applies
01
Insider Threat
The behaviours and patterns that precede insider incidents. Pre-incident indicators, not post-incident forensics.
02
Social Engineering & Security Culture
How do people fall victim to scams or exploitation, and what actually drives secure behaviour. The techniques, the psychology, and the organisational factors.
03
Interpersonal Harm
Patterns of coercion, abuse, control, and exploitation: mapped systematically. For DV services, government, legal, and anyone working in this space.
04
Dis/Mis-information & Influence
Information manipulation, narrative warfare, and influence operations. The same exploitation patterns, different context.
Building what doesn't exist yet

Cybersecurity has MITRE ATT&CK. Interpersonal harm had nothing comparable. So we're building the infrastructure — open-source frameworks, intelligence platforms, and the community to bridge the gap.

Published

TFA Matrix

Open-source threat intelligence framework

The first structured knowledge base mapping how technology is weaponised in interpersonal harm. 7 tactics. 74 techniques. Think MITRE ATT&CK for tech-facilitated abuse. Open source, evidence-based, practitioner-focused.

Explore the Matrix
In Development

SAFE & the Engine

Intelligence infrastructure for interpersonal harm

Applying threat intelligence methodology — TTPs, structured analysis, constitutional AI — to patterns of coercion, abuse, and exploitation. Built for DV practitioners, government analysts, and the legal sector.

Coming Soon

Zero Day Women

A podcast from Dumb Ways To Get Hacked

Women doing unprecedented things in cyber, security, and intelligence and the stories that got them there. Not empowerment speeches, cupcakes or panels about leaning in. Just the work, and how they got there.

In Development

"[WorkingTitle]"

Bridging cybersecurity and non-cyber audiences

A hub for connecting cybersecurity speakers with non-cyber stages. Partnering with Industry Organisations to put diverse voices in rooms that need to hear them.

The threat intelligence framework
for tech-facilitated abuse

The SAFE TFA Matrix documents the tactics and techniques used in technology-facilitated abuse. Think of it as MITRE ATT&CK for Technology-facilitated Abuse (TFA) — a structured knowledge base that helps practitioners identify, classify, and respond to tech-enabled abuse patterns.

Open source. Evidence-based. Practitioner-focused.

TA-001

Surveillance & Tracking

Stalkerware, GPS trackers, account monitoring, smart home surveillance

TA-002

Account & Access Compromise

Password theft, account takeover, device lockout, 2FA interception

TA-003

Harassment & Intimidation

Threats, doxxing, swatting, coordinated pile-ons, contact bombing

TA-004

Information Manipulation

Gaslighting, NCII, deepfakes, fake evidence, reputation attacks

TA-005

Isolation & Control

Blocking contacts, controlling social media, intercepting communications

TA-006

Resource & Financial Control

Financial lockout, transaction monitoring, crypto fraud, identity theft

TA-007

Physical Enablement

Location-based assault, smart lock manipulation, vehicle sabotage

7 Tactics · 74 Techniques · Continuously updated
This Matrix is not a replacement for professional support, emergency services, or for weaponisation against others.
Frameworks, research, and things
we think you should hear

Frameworks & Tools

Open-source frameworks and structured resources for practitioners and researchers.

Presentations & Talks

Slide decks, recordings, and materials from conference presentations and training sessions.

Content coming soon

Podcast

Zero Day Women — stories of women doing unprecedented things in cyber, security, and intelligence. From Dumb Ways To Get Hacked.

Launching soon — subscribe to get notified

Writing & Research

Published analysis, articles, and research contributions on human factors security and interpersonal harm.

Content coming soon
Most clients come to us with a problem,
not a purchase order

Whether you're dealing with insider threat, security culture gaps, or human factors risk — or you're in the DV sector and want to talk about SAFE — we'd like to hear from you.

If you are in immediate danger, call 000. For support: 1800RESPECT · Lifeline 13 11 14. Your safety matters — reach out for help.