News

SOC-as-a-service provider e2e-assure launches Cumulo, the U.K.’s only sovereign, AI-first, IT/OT connected SOC platform, designed to help organizations defend against a new generation of AI-driven threats, and answers the recent announcement by GCHQ Director, Anne Keast-Butler, for a new national cyber defence capability that will hardwire cutting-edge agentic AI into “machine-speed cyber defence” for AI Cyber Shield, enabling early identification of threats and vulnerabilities before incidents occur.
Cumulo introduces the Zero-Day Security Operations Centre (SOC), turning new threat intelligence into live detection rules instantly. By combining predictive modelling, sovereign local AI, and SC-cleared security experts, it detects known and emerging threats in milliseconds – keeping analysts in control while AI does the heavy lifting.
“Cumulo represents a shift away from traditional SOC and SIEM environments that are largely human-centric and reactive because they rely on sequential alert triage and retrospective investigation. Instead, Cumulo uses an AI-first security operating system,” says Rob Demain, CEO, e2e-assure. “Threats are now moving faster than human-led workflows can keep pace with, leaving security teams struggling. At the same time, many AI approaches in security are still constrained by legacy architectures that force them to rebuild context after the fact. We built Cumulo to change that by continuously building understanding as data is generated, while keeping expert analysts at the centre of decision-making.”
Using passive discovery, the platform builds a continuously updated digital twin of each customer’s IT and OT environment, enabling safe attack simulation, proactive risk identification, and immutable forensic analysis. This is particularly valuable for critical infrastructure and OT environments, where live testing is often too risky or impractical.
Customer-dedicated large language models (LLMs) are deployed within sovereign environments and trained on each organization’s unique estate, delivering accurate, context-aware security insights while keeping sensitive data under customer control. For Critical National Infrastructure (CNI) and other regulated sectors, local AI isn’t just a compliance requirement – it’s essential to ensure defensive capabilities remain available without relying on external cloud services.
“For organizations responsible for CNI and essential services such as energy, water, transport, telecommunications and government operations, resilience isn’t just about identifying threats faster; it's about ensuring your ability to defend remains intact during a crisis,” continues Demain.
“As more security capabilities move into the cloud, questions around sovereignty, dependency and operational continuity continue to mount. For organizations operating in regulated or high-dependence environments, reliance on external AI infrastructure can introduce risks around data residency, transparency and continued access to critical defensive capabilities. Cumulo addresses these challenges by keeping sensitive operational knowledge within customer-controlled environments, reducing exposure to external disruption and helping organisations maintain visibility and cyber defence capability even during major incidents, connectivity outages or wider infrastructure disruption.”
The platform also introduces a layered AI architecture that separates sensitive operational reasoning from broader intelligence and research capability. A local model layer handles environment-specific detection and analysis, a security intelligence layer aggregates and correlates threat data at scale, and a frontier model layer is used for non-sensitive enrichment and broader analytical tasks. This structure ensures that sensitive data remains contained while still enabling advanced AI capability where appropriate, supporting both compliance and performance requirements.
To manage growing volumes of security data, Cumulo’s Analyst Helper (CAH) uses multiple AI models to cross-check every investigation, with an anti-hallucination layer validating results against threat intelligence before they reach an analyst. Customer security experts remain in control throughout, allowing AI to handle the volume while people focus on high-value decisions.
Cumulo is available in two tiers: Cumulo Standard delivers a proactive SOC with AI-driven investigation, autonomous threat hunting, threat intelligence, and compliance reporting, while Cumulo Enterprise adds predictive security with unified IT/OT monitoring, digital twin technology, live compliance dashboards, and cross-environment correlation to identify and prioritize risks before they can be exploited.