Commercial offensive cyber capabilities
Research on how the commercial offensive cyber sector is integrating emerging technologies into its commercial offerings, and the implications.
Documents
Details
The commercial offensive cyber sector consists of companies offering legal and ethical security testing (commercial red teams), developers who produce tools and capabilities for the industry, and groups which conduct offensive cyber operations on behalf of third parties as a service.
This research looks at how the commercial offensive cyber sector is integrating emerging technologies into their commercial offerings and what the implications of this integration are.
Prism Infosec identified and approached suitable entities to achieve this, interviewing 18 companies between December 2024 and March 2025. The key findings are set out in this report.
This research is part of the government’s wider work to understand the threats and opportunities in cyber security, and to improve cyber resilience across the UK economy.