§ 00 / ABOUT
EmilyAI Ltd
CASE FILE / COMPANY

Operators,
not narrators.

We've been running an autonomous SOC analyst, quietly, since 2018. Now we're letting you have one too.

§ 01 / STORY
How Emily came to be

A SOC operator decided to build the analyst they could never hire.

In 2016 our founder, then running a British penetration-testing and incident-response practice, did the maths on a human-driven SOC and concluded — with some reluctance — that it would not work. There was nothing wrong with the analysts; there was a great deal wrong with the work. Triage at three in the morning, repeated nine hundred times a night, is not a problem hiring solves.

Two years later, in April 2018, the first instance of Emily went into continuous production at Cyber Defence Ltd. She has been running there ever since — eight unbroken years, sixteen tenants, a trillion signals a quarter. Long enough to learn what works, what doesn't, and what regulators were about to ask.

EmilyAI Ltd was spun out in 2026 as a platform company. The thesis is, on the whole, quite simple: every regulated SOC in Europe is about to need exactly this — and most are unaware they need it yet.

§ 02 / TIMELINE
Ten years, give or take

A decade of quiet work, compressed.

The bits that mattered.

2016
Emily is designed.
Two years of architectural work begin in a London office that did not, at the time, sell anything resembling autonomous SOC analysts. Nobody else did either.
2018
First production deployment.
Cyber Defence Ltd — our first and still-flagship client — puts Emily live in April. She has not been switched off since.
2020
MSP-grade tenant isolation.
Architected from scratch rather than bolted on. Twelve client tenants, three nationalities of regulator, no leakage between any of them.
2022
Glass-box reasoning ships.
Every alert verdict stored with its chain of inference. Three years before the EU AI Act made the same thing legally compulsory.
2024
ISO/IEC 42001 certification.
The world's first management-system standard for AI. Emily was certified against it, rather than written around it.
2026
EmilyAI Ltd is incorporated.
The platform spins out. Headquartered in London, hosted in the UK, available for Proof of Value from the day the door opens.
§ 03 / LEADERSHIP
The people

Operator-built. Sold five times. Deployed at scale.

Between them, our leadership team has lived through five exits, three IPOs, an FTSE-100 CISO seat, and rather more 3 a.m. SOC calls than is healthy. We have been here before.

Chief Executive · Founder
Peter Bassill

Peter spent eleven years in the British Army — much of it under the Official Secrets Act and consequently not for public consumption — before becoming Chief Information Security Officer at Gala Coral Group, a FTSE-100 gaming business. Six years on the CISO seat taught him what a SOC looks like at scale, and what it costs.

  • Microsoft European CISO Council
  • Founded Hedgehog Security in 2009; designed Emily 2016
  • CREST European Council member
  • CREST IR Pan-Europe advisor
Chief Revenue Officer
Tim Warner

Thirty-seven years in cyber sales, across nine vendor tenures. Joined Zscaler in 2014, four years before the IPO, and has lived more 20-person-to-1,400-person growth stories than is typical. Brings the field motion EmilyAI needs to translate eight years of evidence into pipeline.

  • Vendor (26y), Distribution (8y), Reseller (3y)
  • Built enterprise sales teams selling £60k–£300k ARR
  • Average deal experience: £60k – $4m
  • Joined EmilyAI 2026 from a regional VP seat
Head of Product & Engineering
Werner Thalmeier

Twenty years of product management and systems engineering across ProofPoint, Radware, M86 Security and Finjan. Werner built the ProofPoint Enterprise SE organisation from scratch — eighty engineers, each personally interviewed — and brings the same bias toward customer-engineering rigour to Emily's roadmap.

  • Bridges deep AI capability into business-led product
  • Owns Emily's product roadmap and customer engineering function
  • Hired the founding engineering team at EmilyAI Ltd

Advisors & non-executive board · to be announced post-Series A · slots reserved for sector and finance.

§ 04 / PRINCIPLES
What we believe

Six things we have stopped arguing about.

Drafted in 2018, edited only twice, applied to every product decision since.

01
Telemetry beats narrative.

We will publish numbers from real production deployments. Demos lie about what's possible. Telemetry tells you what's normal.

02
The customer owns the model.

Per-tenant, per-customer, on-premises. Anything else is somebody else's intellectual property running on somebody else's hardware, paid for by you.

03
Glass-box, or it didn't happen.

Every verdict has a reasoning trace. If a regulator, an auditor or a tired analyst can't read it back, it wasn't really a decision.

04
Sovereignty is a feature.

British. European. Air-gap capable. We did not bolt this on after the Cloud Act; we have been building this way since the beginning.

05
Read the SIEM you have.

Rip-and-replace is a vendor problem dressed up as a customer benefit. We integrate. The plumbing is included.

06
Quiet beats loud.

We have been running for eight years and barely told anyone. The work, on the whole, speaks loudly enough.

NEXT

Run a Proof of Value.
Three to ten working days.

Free, on the entirely defensible grounds that you shouldn't have to pay to find out whether something works.

Start a conversation