e2e-assure launches Cumulo, UK sovereign AI SOC

e2e-assure announced Cumulo from Abingdon on June 19. The platform is a UK-owned, AI-first security operations centre (SOC) designed to cover both IT and operational technology (OT) environments. Cumulo pairs locally hosted AI models with a continuously maintained digital twin and retains a security information and event management (SIEM) system as the immutable record of events.

Cumulo builds a passive digital twin of each customer estate through continuous discovery across IT and OT systems. The twin is used to identify risks and run simulated attacks without testing on live systems. e2e-assure describes the setup as enabling live threat intelligence to be applied immediately as detection rules, a capability the company calls a “zero-day SOC.”

The platform deploys customer-dedicated large language models and other AI inside customer-controlled infrastructure so inference and reasoning occur on-site. e2e-assure said this design keeps sensitive security data within the customer environment, reduces dependency on external cloud providers and maintains defensive capabilities if connectivity or wider infrastructure is disrupted.

Cumulo uses a layered AI architecture. A local model layer handles environment-specific detection and analysis, a security intelligence layer aggregates and correlates threat data at scale, and a frontier model layer performs non-sensitive enrichment. Multiple AI models cross-check investigations and produce an auditable view of each alert through a tool the company calls the Cumulo Analyst Helper. An anti-hallucination validation layer compares AI findings against threat intelligence feeds and deterministic detection engines before results are presented to analysts.

AI processing runs in parallel with the SIEM, which e2e-assure positions as the evidence-grade system of truth. Cleared human analysts retain oversight of decisions; the company said SC- and NPPV3-cleared teams remain central to operations. e2e-assure framed Cumulo in response to calls for faster, machine-speed cyber defence from national security officials.

The product will be offered in tiers. The Standard tier provides proactive SOC services with AI-driven investigation, autonomous threat hunting focused on behaviour, threat intelligence and compliance reporting. The Enterprise tier adds unified IT and OT monitoring, the digital twin, live compliance dashboards, cross-environment correlation and continuous stress testing of the twin to prioritise and cost remediation before exploitation.

e2e-assure has provided SOC-as-a-service to government and critical national infrastructure customers for more than a decade and operates a UK-based, 24/7 Security Operations Centre staffed by cleared cyber professionals. The company said Cumulo is designed to integrate with existing security stacks while keeping sensitive operational knowledge within customer-controlled environments.

Rob Demain, e2e-assure’s chief executive, said: “Threats are now moving faster than human-led workflows can keep pace with.”