A SOC operator decided to build the analyst they could never hire.
In 2016 our founder, then running a British penetration-testing and incident-response practice, did the maths on a human-driven SOC and concluded — with some reluctance — that it would not work. There was nothing wrong with the analysts; there was a great deal wrong with the work. Triage at three in the morning, repeated nine hundred times a night, is not a problem hiring solves.
Two years later, in April 2018, the first instance of Emily went into continuous production at Cyber Defence Ltd. She has been running there ever since — eight unbroken years, sixteen tenants, a trillion signals a quarter. Long enough to learn what works, what doesn't, and what regulators were about to ask.
EmilyAI Ltd was spun out in 2026 as a platform company. The thesis is, on the whole, quite simple: every regulated SOC in Europe is about to need exactly this — and most are unaware they need it yet.