Turn this list into pipeline.
Threat Intelligence Companies in the UK: 100+ Active Firms (2026)
Threat intelligence companies in the UK collect, analyse and operationalise cyber threat data for security teams.
Buying centres tend to sit with security operations, cyber risk, fraud, and executive protection teams rather than general IT procurement alone. Enterprise and public-sector customers usually buy analyst-written reporting, machine-readable feeds, alerting workflows, and managed intelligence support; mid-market buyers often reach the category through managed security providers. Engagements are typically subscription or retainer-led, with integration work around detection rules, vulnerability prioritisation, incident response, and board-level risk reporting. The more credible suppliers combine collection infrastructure with human analysis, because customers are buying judgement about relevance as much as raw indicators.
Read more
The UK cohort contains 167 actively trading companies, making threat intelligence a relatively narrow cyber security category rather than a broad software market. Reported employment across the cohort totals 1,478 people, which fits a labour-intensive model built around analysts, engineers, and security operations support rather than pure self-serve software. The shape is also consistent with enterprise and public-sector sales cycles: buyers tend to need evidence of provenance, response capability, and operational fit before committing to feeds or managed services.
Market structure is weighted towards smaller suppliers, with 34 companies recording turnover above £5M and 21 incorporated since 2022. Customer procurement is shaped less by a single sector licence and more by assurance requirements around how intelligence is collected, enriched, stored, and shared. Enterprise and public-sector buyers tend to scrutinise access controls, audit trails, source handling, and incident confidentiality, particularly where services sit close to security operations or fraud prevention workflows. That creates room for specialist providers, but it also raises the cost of trust-building before a supplier reaches repeatable commercial scale.
Demand appears tied to a fairly durable problem: security teams receive more alerts than they can investigate, while boards and public-sector sponsors want clearer explanations of cyber risk. Suppliers that can turn collection into prioritised action tend to be better placed than firms selling undifferentiated feeds. The market also appears likely to sort more sharply between analyst-led managed services, vertical risk reporting, and machine-readable infrastructure for security operations. Early-commercial firms may find distribution difficult without managed security partners, while larger buyers will keep pressing for clearer provenance, defensible methods, and evidence that intelligence changes operational decisions.
167
Active firms
2026
34
Above £5M
Reported revenue threshold
21
Newer incorporations
Since 2022
Key facts
About 20% of the trading cohort reports turnover above £5M (34 of 167 firms) — the rest sits below that revenue band.
12% of the cohort was incorporated since 2022 (21 firms), so a sizeable share is in its first few filing cycles.
Threat intelligence suppliers turn external threat signals into alerts, reports and workflows for security teams.
The segment sits close to managed security, incident response and cyber risk operations, so buyer needs often centre on earlier warning rather than retrospective reporting.
Product-led providers tend to sell subscription software, while service-led providers depend more on analyst capacity and customer-specific reporting.
Top UK threat intelligence companies
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsProvides cyber threat intelligence software and services, including a SaaS platform that collects and analyses data on threat actors, vulnerabilities, breaches and underground marketplaces to support…
Serves B2B security teams and cyber risk leaders at organisations with exposure to advanced cyber threats, including teams managing threat intelligence, threat hunting, attack surface exposure and…
Financial Health
HealthyHealthy · -8% CAGR over 2y
Location
SECURITY ALLIANCE LIMITED
Trajectory
5y · 2020–NowFinancial sub-scores
Computed from 5 filingsProvides cyber threat intelligence services, including managed threat monitoring, intelligence assessments, and advisory. Operates a threat intelligence platform (ThreatMatch) and supports…
Serves large organisations in finance, central banking, financial market infrastructure, government and EU agencies, international bodies, and critical national infrastructure operators in telecoms,…
Financial Health
HealthyHealthy · Hiring · 29% CAGR over 5y
Location
Eclecticiq
Develops cyber threat intelligence software that aggregates and analyzes threat data from multiple sources. Provides a platform, feeds, and tools for threat hunting, alert triage, incident response,…
Serves B2B cybersecurity teams, including CTI analysts, SOC analysts, CISOs and cybersecurity leaders, as well as MSSPs delivering threat intelligence services to clients.
Location
FIVECAST UK LIMITED
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsDevelops open‑source intelligence software that collects and analyses data from the surface, deep, and dark web. Provides AI‑driven platforms used by government, law enforcement, defence, and…
Serves government intelligence, border security, defence and law enforcement agencies, plus corporate security, financial crime and insurance teams in large organisations.
Financial Health
StrongStrong · Hiring · 50% CAGR over 2y
Location
ELEMENDAR LTD
Trajectory
2y · 2024–NowFinancial sub-scores
Computed from 2 filingsDevelops AI-powered cybersecurity threat intelligence software that analyses threat reports, identifies threat actors, maps cyber threats to organisational risks, and supports automated risk…
Serves security teams and cyber threat intelligence analysts in businesses and public-sector organisations, including healthcare providers, government bodies, and retail/e-commerce companies.
Financial Health
DistressedDistressed · -40% CAGR over 1y
Location
Planet 9 Limited
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsDevelops cyber intelligence and threat detection technology for governments and enterprises. Uses AI, OSINT and web intelligence to monitor disinformation campaigns, detect malicious domains and…
Serves governments, public-sector security teams, enterprises, and critical infrastructure operators needing cyber intelligence against AI-driven threats, disinformation, fraud, phishing, and…
Financial Health
WeakWeak · -14% CAGR over 4y
Location
BABEL STREET ROSETTE LIMITED
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsDevelops AI-powered risk intelligence software that collects and analyses multilingual digital data to identify threats, resolve identities, and assess vendor and supply‑chain risk. Provides tools…
Serves public-sector defence and law enforcement agencies, plus global enterprises and FinTech firms with analyst, security, compliance, supply chain risk, and investigations teams handling identity,…
Financial Health
StrongStrong · Hiring · 26% CAGR over 4y
Location
DARKINVADER LIMITED
Trajectory
4y · 2022–NowFinancial sub-scores
Computed from 4 filingsProvides an external attack surface management platform that discovers internet-facing assets, monitors asset changes, scans for vulnerabilities, and collects threat intelligence such as leaked…
Serves B2B organisations needing external attack surface monitoring, especially security, IT and leadership teams responsible for internet-facing assets, supplier risk and threat intelligence.…
Financial Health
WeakWeak · 32% CAGR over 2y
Location
Cyber Defence Alliance Limited
Trajectory
2y · 2024–NowFinancial sub-scores
Computed from 2 filingsProvides cyber threat intelligence services for member financial institutions, including analysis and sharing of information on cyber threats. Works with banks, law enforcement, telecommunications…
Serves member financial institutions, especially banks, alongside their clients and communities, cyber security agencies, law enforcement, intelligence and security agencies, regulators, trade…
Financial Health
StrongStrong · Growing · 7% CAGR over 1y
Location
Develops and provides cybersecurity software and managed services, including managed detection and response (MDR), SIEM, vulnerability management, attack surface monitoring, cloud security tools, and…
Serves security and IT teams at mid-market and enterprise organisations globally, including finance, logistics, professional services and other businesses with cloud, hybrid and digital environments.
Location
OBRELA SECURITY INDUSTRIES LIMITED
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsProvides managed detection and response cybersecurity services, cyber risk and compliance management, and digital forensics and incident response. Operates the Swordfish platform to monitor threats,…
Serves B2B organisations with complex digital operations, including manufacturing, shipping, banking and finance, energy and utilities, healthcare, telecommunications, oil and gas, and retail…
Financial Health
HealthyHealthy · Hiring · 18% CAGR over 2y
Location
Develops and provides cybersecurity software and managed security services, including threat detection and response (MDR), SIEM, vulnerability management, attack surface and exposure management,…
Serves security and IT teams at global businesses, including finance, banking, logistics, infrastructure and services organizations, requiring enterprise cybersecurity operations support.
Location
Trajectory
4y · 2023–NowFinancial sub-scores
Computed from 4 filingsProvides identity threat protection software that uses recaptured breach and malware data from the dark web to detect exposed credentials, session cookies and personal data, helping organisations…
Sells to businesses and enterprises with employee, consumer, and vendor identity exposure risks, including security, fraud, and IT teams. Also serves financial services organisations and cybercrime…
Financial Health
StrongStrong · Hiring · 20% CAGR over 3y
Location
Cysiam Limited
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsProvides cyber security services including cyber threat intelligence, managed detection and response, security operations centre monitoring, threat hunting, incident response, and cyber security…
Serves public and private sector organisations globally, including the UK defence supply chain and operationally critical environments, where security and resilience risk is a priority.
Financial Health
StrongStrong · Growing, Hiring · 27% CAGR over 4y
Location
ANOMALI LIMITED
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsDevelops cybersecurity software platforms that aggregate security data and threat intelligence for security operations teams. Provides tools for threat detection, investigation and response,…
Sells to enterprise security operations and cyber threat intelligence teams, including SOC analysts, incident responders and threat hunters in organisations managing complex cybersecurity programmes.
Financial Health
DistressedDistressed · -31% CAGR over 2y
Location
Provides cyber security and digital risk services including penetration testing, incident response, digital forensics, threat intelligence, and social engineering assessments. Also offers compliance…
Sells to businesses, UK government and public sector bodies, international government organisations, NGOs, online platforms, and defence-sector suppliers needing cyber security, compliance, digital…
Location
Pattrn Analytics And Intelligence Ltd
Trajectory
4y · 2022–NowFinancial sub-scores
Computed from 4 filingsProvides AI-powered threat intelligence services including real-time monitoring of foreign interference and online harms, analysis of adversarial tactics and AI misuse, and security testing and…
Serves government departments, international organizations, and enterprise security or intelligence teams, including large technology companies, managing digital security and AI-related risks.
Financial Health
StrongStrong · Growing · 0% CAGR over 3y
Location
Cyberfort
Trajectory
2y · 2024–NowFinancial sub-scores
Computed from 2 filingsProvides cyber security services including consultancy, resilience audits, secure system design, penetration testing, OT/IoT security reviews, and cyber risk management. Operates security operations…
Serves public sector bodies and businesses in defence, critical national infrastructure, energy, utilities, financial and professional services, IT, manufacturing, retail, consumer and transport…
Financial Health
DistressedDistressed
Location
Tadaweb UK Limited
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsDevelops software for open‑source intelligence (OSINT) and publicly available information (PAI) analysis, providing an operating system that aggregates and analyses small data from online sources to…
Financial Health
StableStable · Hiring · 16% CAGR over 4y
Location
LAB 1
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsDevelops an AI-based data intelligence platform that analyses files from open, dark and private sources to identify exposed or leaked information. Helps organisations detect data breaches, locate…
Serves enterprise security and data-risk buyers, including CISOs, SOC teams, incident response partners, data leaders and data stewards responsible for breach response and compliance exposure.
Financial Health
HealthyHealthy · Hiring · 12% CAGR over 2y
Location
Nihon Cyber Defence Ltd
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsProvides cyber security services including consultancy, security operations monitoring, SIEM platforms, threat intelligence, protective services, and incident management and response to help…
Sells to governments, critical national infrastructure operators, large organisations and SMEs needing cyber security support. Serves a B2B and public-sector market, with emphasis on organisations…
Financial Health
WeakWeak · Hiring · 37% CAGR over 4y
Location
Bluevoyant
Trajectory
2y · 2023–NowFinancial sub-scores
Computed from 2 filingsProvides managed cybersecurity services including managed detection and response, third‑party risk management, and digital risk protection. Monitors networks, vendors, and online assets for threats,…
Sells to B2B cybersecurity, IT, risk and compliance teams at mid-market and enterprise organisations managing networks, third-party vendors and digital brand exposure, including users of Microsoft,…
Financial Health
HealthyHealthy · Hiring · 20% CAGR over 1y
Location
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsDevelops AI‑driven cybersecurity software that monitors network, cloud and identity activity to detect and respond to cyberattacks. Provides network detection and response (NDR) platforms, threat…
Sells to enterprise security, SecOps and SOC teams, including organisations in finance, healthcare, higher education, public sector and critical infrastructure that manage network, cloud and identity…
Financial Health
StrongStrong · Hiring · 10% CAGR over 4y
Location
Cyberfort
Provides cyber security consultancy and managed security services, including cyber risk management, resilience audits, penetration testing, red teaming, OT/IoT security reviews, and managed detection…
Serves organisations in public sector and government, defence, critical national infrastructure, energy and utilities, financial and professional services, IT, manufacturing, retail, consumer and…
Location
FS-ISAC UK, LTD.
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsProvides a member-based platform for financial institutions to share cyber threat intelligence, collaborate on security issues, conduct incident response exercises, and access research, events, and…
Serves global financial services institutions, including banks, credit unions, insurers, payments firms, investment and securities firms, exchanges, critical private-sector providers, and public…
Financial Health
HealthyHealthy · Hiring · 9% CAGR over 4y
Location
ESENTIRE UK LIMITED
Trajectory
2y · 2024–NowFinancial sub-scores
Computed from 2 filingsProvides managed detection and response cybersecurity services including 24/7 security operations centre monitoring, threat hunting, incident response and digital forensics. Develops an AI‑driven…
Serves mid-market businesses and public sector organisations needing managed cybersecurity, including finance, insurance, legal, healthcare, manufacturing, retail, construction, private equity, food…
Financial Health
HealthyHealthy · 0% CAGR over 1y
Location
Integrity360
Provides cyber security services including managed detection and response, threat monitoring, incident response, penetration testing, vulnerability management, and security operations. Also offers…
Serves organisations in the public sector and regulated industries including banking, fintech, healthcare, education, utilities, manufacturing, professional services and media across Europe.
Financial Health
Insufficient historyInsufficient history
Location
Develops and provides cybersecurity software and managed services, including a unified platform for threat detection and response, vulnerability and exposure management, SIEM, cloud security…
Serves security and IT teams at mid-market and enterprise organisations globally, including finance, logistics, infrastructure and professional services firms with complex cloud, endpoint and hybrid…
Location
SECURITYSCORECARD UK LIMITED
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsProvides cybersecurity risk intelligence and third‑party risk management software. Platform monitors organisations’ external attack surface, security ratings and threat data to detect…
Serves enterprise security, risk, TPRM and SOC teams managing large supplier ecosystems, across sectors including financial services, healthcare, technology, public sector, critical infrastructure,…
Financial Health
StrongStrong · Growing, Hiring · 24% CAGR over 2y
Location
TRM Labs UK Ltd
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsDevelops blockchain intelligence software used by financial institutions, crypto businesses and law enforcement to monitor cryptocurrency transactions, screen wallets, detect fraud and sanctions…
Serves government agencies, law enforcement, national security teams, regulators, tax authorities, financial institutions, fintechs and crypto businesses involved with digital assets.
Financial Health
StrongStrong
Location
RELIANCE CYBER LIMITED
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsProvides managed cyber security services including monitoring and management of IT security infrastructure, managed detection and response, threat intelligence and vulnerability management. Also…
Serves businesses and organisations across the UK and Ireland, especially those with security teams, critical digital infrastructure, compliance needs, or exposure to cyber threats.
Financial Health
DistressedDistressed · -64% CAGR over 5y
Location
Core to Cloud Ltd
Trajectory
3y · 2022–NowFinancial sub-scores
Computed from 3 filingsProvides cybersecurity services including continuous security assurance testing, dark web monitoring and threat intelligence, cyber crisis simulation, managed detection and response, and third‑party…
Serves UK organisations’ CISOs, IT teams and security leaders, including businesses needing cyber resilience support across internal operations, incident response and third-party supply chain risk.
Financial Health
WeakWeak · Hiring · 7% CAGR over 2y
Location
Orpheus Cyber Limited
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsProvides cyber risk assessment and intelligence services, including external attack surface monitoring, third‑party risk management, vulnerability management, security testing, and regulatory…
Serves B2B and financial-sector buyers, including CISOs, cyber leaders, IT and infrastructure teams, DPOs, procurement and risk leaders, MSSPs, investment managers, and cyber insurers and brokers.
Financial Health
WeakWeak · -6% CAGR over 2y
Location
PERVADE SOFTWARE LIMITED
Trajectory
5y · 2020–NowFinancial sub-scores
Computed from 5 filingsDevelops cybersecurity software for security monitoring, dark web intelligence, and compliance management. Products include OpView for infrastructure and vulnerability monitoring, OpIndex for dark…
Sells to private and public sector organisations worldwide, plus channel partners from independent consultants to global managed security service providers. Also serves UK police-led programmes and…
Financial Health
StrongStrong · Growing, Hiring · 5% CAGR over 4y
Location
Eggplant Live
Provides cyber security and risk management services including penetration testing, incident response, threat intelligence, managed detection and response, vulnerability management, security…
Serves large enterprises and government/public sector organisations, across financial services, legal/professional services, retail, transport, technology/media/telecoms, energy/utilities,…
Location
NCC Group
Provides cyber security services including penetration testing, incident response, threat intelligence, vulnerability management, and managed detection and response. Also offers security consulting,…
Serves large enterprises and government/public sector bodies globally, including financial services, legal, retail, transport, technology/media/telecoms, energy, manufacturing and health…
Location
Cybaverse LTD
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsDevelops and operates a cyber security platform that integrates security monitoring, SIEM data, vulnerability management, managed detection and response, penetration testing, compliance support, and…
Sells to businesses with in-house security, IT and compliance teams, including organisations with limited resources or fragmented toolsets that need 24/7 security support and operational oversight.
Financial Health
StrongStrong · Growing, Hiring · 35% CAGR over 2y
Location
Trajectory
3y · 2020–NowFinancial sub-scores
Computed from 3 filingsDevelops cybersecurity software that monitors and analyses organisational IT activity to detect and investigate threats. Provides an AI-driven security operations platform with automated alert…
Serves B2B security operations teams at organisations with legacy SIEM or MDR setups, especially lean or resource-constrained SOCs across industries.
Financial Health
StrongStrong · Growing · 3% CAGR over 2y
Location
The Investigo Group Limited
Trajectory
2y · 2024–NowFinancial sub-scores
Computed from 2 filingsDevelops secure software platforms and data‑driven products using analytics and AI. Provides internet intelligence and investigation tools, and delivers OSINT and digital policing training and…
Serves vetted organisations, law enforcement bodies, investigation and intelligence agencies, and enterprises needing secure data, AI, OSINT and digital policing support for internet-related crime…
Financial Health
StableStable · Hiring · 30% CAGR over 1y
Location
NCC Group
Provides cyber security consulting and managed services including penetration testing, incident response, threat intelligence, vulnerability management, cloud and application security assessments,…
Sells to large enterprises and government bodies needing cyber security services, particularly in financial services, legal, retail, public sector, transport, technology, energy, manufacturing and…
Location
Develops cybersecurity software and services including extended detection and response (XDR), endpoint protection, and threat monitoring tools. Provides managed detection and response, incident…
Serves enterprise security teams, IT leaders and incident-response buyers across sectors, including organisations with on-prem or air-gapped environments, plus resale, managed service and technology…
Location
CRYPT-TECH SOLUTIONS LIMITED
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsDevelops cyber security, artificial intelligence and cryptography software platforms. Provides SIEM systems, AI‑based vulnerability scanning, cyber threat intelligence, data leakage prevention,…
Serves businesses and organisations with IT and security teams seeking cyber security, AI, cryptographic and big data solutions, including managed cyber security services.
Financial Health
StrongStrong · Growing, Hiring · 35% CAGR over 4y
Location
DRAGOS EXPRESS WASH LTD
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsDevelops and provides cybersecurity software and services for industrial and operational technology (OT) environments, including asset visibility, vulnerability management, threat detection, threat…
Serves industrial and critical infrastructure organisations, targeting security and operations teams responsible for operational technology environments and related compliance regimes such as NERC…
Financial Health
StrongStrong · Hiring · 145% CAGR over 2y
Location
Trajectory
3y · 2024–NowFinancial sub-scores
Computed from 3 filingsProvides managed detection and response cybersecurity services, including 24/7 security monitoring, threat detection, investigation, and incident response. Develops a security operations platform…
Serves B2B security teams and SOC leaders at organizations of any size across industries, including those operating cloud, email, endpoint, identity, network and SaaS environments.
Financial Health
HealthyHealthy · Hiring · 11% CAGR over 2y
Location
Develops software and analytics platforms for risk, compliance and supply chain management. Provides tools for third‑party due diligence, financial crime detection, and supply chain risk monitoring…
Serves large enterprises, banks and government agencies, including Fortune 500 firms and public sector bodies in automotive, critical infrastructure, defense, energy and healthcare.
Location
Foresite MSP Limited
Trajectory
5y · 2020–NowFinancial sub-scores
Computed from 5 filingsProvides managed cybersecurity services including security operations centre monitoring, managed detection and response, threat intelligence, vulnerability and patch management, firewall and endpoint…
Serves enterprise security and IT teams, Google Cloud users, and public sector organisations across financial services, government, healthcare, retail, manufacturing, education, insurance and legal…
Financial Health
StableStable · Hiring · 6% CAGR over 4y
Location
Integrity360
Provides cyber security services including managed detection and response, threat monitoring, vulnerability management, incident response, penetration testing, and governance, risk and compliance…
Serves organisations across Europe, including public sector bodies and businesses in banking, financial services, fintech, healthcare, education, utilities, manufacturing, professional services and…
Financial Health
Insufficient historyInsufficient history
Location
Sophos
Develops cybersecurity software and provides managed security services. Offers endpoint protection, firewalls, email and cloud security, threat detection and response (XDR/MDR), vulnerability…
Serves businesses, public sector bodies and institutions worldwide, including education, finance and banking, government, healthcare, manufacturing and retail organisations, plus channel partners and…
Location
Oxford Information Labs Limited
Trajectory
5y · 2021–NowFinancial sub-scores
Computed from 5 filingsProvides cyber intelligence and technology consultancy, combining software development, cybersecurity analysis and big data research to study online threats. Produces research, data tools and policy…
Serves governments, academic institutions and international organisations needing expertise on cybersecurity, internet governance, cybercrime, fraud, scams and other online threats.
Financial Health
StrongStrong · Growing, Hiring · 7% CAGR over 4y
Location
Trajectory
3y · 2023–NowFinancial sub-scores
Computed from 3 filingsProvides cybersecurity consulting and services including incident response, threat hunting, managed detection and response (MDR), cyber readiness assessments, red and purple team testing, threat…
Serves global enterprises and CISOs, including organisations in crypto, retail, financial services, healthcare, law, logistics and transportation, industrial systems, telecoms and technology.
Financial Health
WeakWeak · -13% CAGR over 2y
Location
Unlock all 167 leads
Showing 50 of 167 — +117 more with verified decision-maker contacts, live data, and CRM sync.
How UK threat intelligence companies work and how to sell to them
What they do
Threat intelligence companies usually earn through recurring subscriptions, retainers, and services wrapped around specialist analysis. Smaller engagements may cover monitored domains, exposed credentials, threat actor tracking, or a single machine-readable feed, while larger accounts add analyst access, bespoke reporting, incident support, and integration into security operations workflows. Pricing often reflects the breadth of sources, number of users, monitored assets, feed types, response commitments, and reporting cadence. The product shape is therefore part software, part research desk, and part operational support; margins depend on how far collection and enrichment can be automated without diluting the judgement customers expect from analysts.
Who they sell to
Most threat intelligence suppliers sell to larger enterprises, regulated organisations, public-sector bodies, and managed security providers. Day-to-day sponsors tend to be CISOs, heads of security operations, cyber risk leads, fraud teams, and security engineering managers, with procurement, legal, and finance involved once the service touches sensitive information or incident response. Sales cycles are usually consultative rather than self-serve, because buyers want to test relevance against their own assets and threat model. Smaller customers are more likely to buy through security partners, while enterprise and public-sector accounts often involve pilots, assurance questionnaires, framework agreements, or formal tender processes.
What they buy
Most threat intelligence firms tend to spend on cloud infrastructure, secure storage, data engineering, collection tooling, workflow systems, and analytics that help analysts move from raw material to customer-ready reporting. They also buy customer-facing infrastructure such as portals, alerting, case management, application programming interfaces, and integrations with security operations tools. Commercial teams need customer relationship management, billing, proposal, and account-expansion systems, particularly where subscriptions and managed services sit together. Specialist suppliers may also buy legal advice, privacy support, penetration testing, insurance, analyst recruitment, translation, and marketing services aimed at technical buyers rather than broad demand generation.
Why and how to sell to them
Threat intelligence buyers tend to evaluate suppliers when analyst workload rises, customer requirements become more formal, or a new enterprise contract exposes gaps in auditability, reporting, and integration. Hiring in analyst, engineering, or public-sector sales roles can signal operational strain; so can a move from bespoke consulting towards repeatable subscriptions. Outbound messages work better when they connect to evidence, provenance, delivery speed, and margin control rather than generic cyber fear. Useful angles include reducing manual triage, improving customer-facing reporting, shortening security reviews, supporting tender responses, and making intelligence easier to operationalise inside customer environments.
How this list is built
Data sources
This list is built from UK Companies House filings, XBRL accounts data, and semantic analysis of each company's public website. Revenue and headcount figures come from the most recent filed accounts; where the company has not filed, values are estimated using a model trained on filed history and peer benchmarks and are labelled as estimates.
Classification
Rather than relying solely on SIC codes, Firmbase classifies each company semantically: the company's website is crawled, an AI model reads what the company actually sells, and the company is placed into the relevant industry and subsectors. SIC codes are used as one signal but not the only one. This means a company that registered under a generic SIC code but pivoted into (for example) fintech is correctly identified as fintech, not as its original SIC category.
Freshness
The underlying company data is refreshed from Companies House continuously; filings appear in the list within days of submission. The curated list ordering is regenerated when the underlying data moves meaningfully (company count changes by more than 5%, a new company enters the top-ranked segment, or the filed-revenue numbers for the top firms change). You can see the last-updated timestamp near the top of the page.
Related directories
Frequently asked questions
How many threat intelligence companies are there in the UK?↓
What counts as a threat intelligence company in this list?↓
Which are the largest threat intelligence companies in the UK?↓
What do threat intelligence companies in the UK actually do?↓
How does UK threat intelligence compare internationally?↓
How is this list built and how fresh is the data?↓
How big are the typical threat intelligence companies in the UK?↓
Are these mostly new or established threat intelligence companies?↓
What SIC codes does this use?↓
What buying signals should I look for?↓
Push these 167 companies into your pipeline.
Find the right decision-makers, see verified company data, and export your list in seconds.