top of page
An artist’s illustration of artificial i

Services

How We Work

We map patterns, not people.

Our capability is applying threat intelligence methodology to human behaviour. How we deploy it depends on what you need.

What We Do

We apply the same analytical rigour used to track nation-state hackers to the human side of risk.

​

Insider threats don't come out of nowhere there are patterns before the incident. Social engineering works because it exploits predictable human responses. Coercion and manipulation follow signatures, just like malware.

​

We make these patterns visible. Once you can see them, you can do something about them.

​

We don't track people. We track patterns.

​

This isn't surveillance. It's not profiling individuals. It's understanding how harmful behaviours operate the tactics, the techniques, the indicators so you can recognise them, prevent them, and respond to them.

Domains

Our methodology applies wherever humans are the variable.

Insider Threat

The behaviours and patterns that precede insider incidents. Pre-incident indicators, not post-incident forensics.

Social Engineering

How people get exploited in security contexts. The techniques behind phishing, pretexting, and manipulation and why people fall for them.

Security Culture

Why your people behave the way they do. What actually drives security behaviour and what changes it

Interpersonal Harm

Patterns of coercion, abuse, control, and exploitation. Mapped systematically through SAFE, our harm intelligence methodology.

Disinformation & Influence

Information manipulation and narrative warfare. The same exploitation patterns, different context.

Ways We Work

The shape of our work depends on your problem.

Here's how we typically engage:

Intelligence

We produce intelligence on human behavioural threats.

This might look like:

  • Mapping the patterns relevant to your industry or context

  • Indicator libraries for insider threat or social engineering

  • Threat assessments focused on human factors

  • STIX-formatted intelligence feeds for integration with your existing tools

You get: Structured intelligence you can operationalise not a report that sits on a shelf.

Exercises & Training

We help your people build capability.

This might look like:

  • Tabletop exercises focused on human threats (insider incidents, social engineering, crisis response)

  • Training on human factors for security teams, HR, legal, or frontline staff

  • Capability building so your team can apply these concepts themselves

You get: Practical skills and tested responses not compliance theatre.

Advisory

We help you think through human factors challenges.

This might look like:

  • Ongoing advisory relationships (retainers)

  • Strategic guidance on insider threat, security culture, or human risk programs

  • Second opinions on approaches you're considering

  • Sounding board access when situations arise

You get: A thinking partner with deep expertise in human behavioural risk.

Investigations & Expert Opinion

We provide expertise for active matters.

This might look like:

  • Human factors analysis for workplace investigations

  • Expert reports for legal proceedings

  • Litigation support and testimony

  • Evidence analysis using threat intelligence methodology

You get: Rigorous analysis that stands up to scrutiny.

Assessments

We help you understand where you stand.

This might look like:

  • Human factors security assessments

  • Insider threat program maturity reviews

  • Security culture analysis

  • Gap identification and prioritisation

You get: A clear picture of your human factors posture and what to do about it.

SAFE Implementation

We help you apply harm intelligence methodology.

This might look like:

  • SAFE pilots for DV services, government programs, or legal teams

  • Training on the SAFE methodology

  • Integration with existing case management and risk assessment

  • Expert support for matters involving interpersonal harm

You get: A systematic approach to understanding harm validated at 98% alignment with academic research.

Who We Work With

Sectors

If humans are your biggest risk or your hardest problem, we can probably help.

Security & Risk

CISOs, CSOs, Heads of Risk, and security teams in critical infrastructure, financial services, government, and large corporates.

Legal & Investigations

General Counsel, litigation teams, workplace investigators, and firms handling matters involving human behaviour.

Government

Federal and state agencies dealing with security, policy, and social services from cyber to family violence.

DV & Community Sector

Domestic violence services, family services, elder abuse programs, and organisations responding to interpersonal harm.

Not Sure Where To Start?

Most clients come to us with a problem, not a purchase order.

bottom of page