Built around digital twin technology and customer-specific AI models, Cumulo responds to the recent announcement by GCHQ on AI Cyber Shield, enabling early identification of threats and vulnerabilities before an incident occurs.
Abingdon, UK, June 19 – SOC-as-a-service provider e2e-assure today announced the release of the latest version of Cumulo, the UK’s only AI-first, IT/OT connected sovereign SOC platform. The platform is designed to help organizations defend against a new generation of AI-driven threats. Adversaries will increasingly operate with autonomy and speed that traditional SOC models were not built to counter.
The unique UK-owned and developed platform responds to GCHQ Director Anne Keast-Butler’s recent call for a “new national cyber defense capability that incorporates cutting-edge agent AI into machine-speed cyber defense” by creating a truly sovereign solution for e2e-assure’s SOC services.
With AI natively integrated across the platform, the technology continuously builds context for security data as it is generated, taking detection and response to new levels and powering breakthrough defense capabilities. SIEM remains a system of truth. There is a deterministic, evidence-grade record of every event, on which AI runs as a parallel function.
Cumulo is introducing a zero-day SOC. This means you can immediately apply live/new threat intelligence as detection rules to eliminate risk from emerging threats. We combine predictive modeling capabilities with sovereign local AI models and expert human oversight to detect known and emerging indicators of compromise in milliseconds. This will be done while SC-certified security teams remain at the core of all decision-making, avoiding AI autonomy while maintaining a “human-involved” structure.
“Cumulo represents a transition from traditional SOC and SIEM environments that are primarily human-centric and reactive, as they rely on sequential alert triage and retrospective investigations. Instead, Cumulo uses an AI-first security operating system,” said Rob Demain, CEO of e2e-assure. “Security teams are struggling as threats are now moving faster than human-driven workflows can keep up. At the same time, many AI approaches in security are still constrained by legacy architectures and must rebuild context after the fact. We built Cumulo to change this by continuously building understanding as data is generated, while putting expert analysts at the center of decision-making.”
The Cumulo platform provides a continuously maintained digital twin of each customer environment through passive discovery across IT and operational technology (OT) systems, enabling secure attack simulation, pre-exploitation risk identification, and immutable preservation of analytical integrity. This is especially valuable in production technology and critical infrastructure environments where live testing is often impractical or involves unacceptable operational risk.
Customer-specific local large language models (LLMs) are deployed within a sovereign environment and trained in each organization’s specific environment, enabling accurate, context-aware inferences that reflect the reality of each customer asset. Because inference occurs within customer-controlled infrastructure, organizations retain complete sovereignty over their sensitive security data and reduce dependence on external cloud AI services. This sovereignty is not only a compliance consideration, but also an operational necessity for industries such as CNI. Defensive AI capabilities that rely on third-party infrastructure are subject to disruptions and access restrictions that are beyond an organization’s control. By keeping the model local, organizations can leverage defense capabilities regardless of the external environment.
“For organizations responsible for the nation’s critical infrastructure and critical services such as energy, water, transportation, telecommunications, and government operations, resilience is not just about identifying threats faster, it’s about ensuring that defensive capabilities remain intact during a crisis,” Demain added.
“As more security functions move to the cloud, questions about sovereignty, dependencies, and operational continuity continue to grow. For organizations operating in regulated or highly dependent environments, relying on external AI infrastructure can pose risks regarding data residency, transparency, and continued access to critical defense capabilities. Cumulo addresses these challenges by preserving sensitive operational knowledge within customer-controlled environments, reducing exposure to external disruption, and helping organizations maintain visibility and cyber defense capabilities during major incidents, connectivity outages, or widespread infrastructure disruptions.”
Cumulo is also introducing a layered AI architecture that separates sensitive operational inference from broader intelligence and research capabilities. The local model layer handles environment-specific detection and analysis, the security intelligence layer aggregates and correlates large-scale threat data, and the frontier model layer is used for less sensitive hardening and broader analysis tasks. This structure ensures that sensitive data is preserved while enabling advanced AI capabilities as needed to support both compliance and performance requirements.
To address growing volumes of security data, Cumulo uses multiple AI models that cross-check every investigation from different perspectives, building an auditable view of each alert known as Cumulo Analyst Helper (CAH). The anti-hallucination layer validates results against threat intelligence and deterministic detection engines before they reach analysts. Our customers’ own security and operations experts understand their assets and risk appetite and keep us informed. Because the platform handles the volume, people are free to make high-value decisions.
Cumulo is deployed through a multi-tier product model designed to support different stages of security maturity and organizational needs. Standard provides proactive SOC capabilities, offering threat intelligence, centralized reporting, and compliance dashboards, as well as AI-driven investigation and autonomous threat hunting that detects by behavior rather than signatures alone. Enterprise extends the platform to a predictive SOC, adding integrated IT and OT monitoring, digital twin capabilities, live compliance dashboards, and advanced cross-environment correlation for complex environments that require deeper operational insights. This predictive model continuously stress-tests evidence-accurate asset twins, ranks and costs remediation, and closes gaps before real attackers arrive.
For more information, please visit www.e2e-assure.com/cumulo.
About e2e-assure
For over 10 years, e2e-assure has been providing government and CNI organizations with professional SOCaaS solutions powered by the AI SOC platform Cumulo. Our UK-based Security Operations Center is staffed exclusively with NPPV3 and security certified cyber experts and is dedicated to providing a rapid and professional response to nationally sensitive organizations.
Unlike providers that are locked into a specific technology, our wholly owned AI SOC platform, Cumulo, integrates with your existing security stack to optimize the value of your existing investments. With UK data sovereignty guaranteed and an unwavering focus on SOC excellence, we help our customers build resilience, reduce risk and stay ahead of threat actors with confidence.

