BAE Systems Applied Intelligence

We offer our services in the following countries:

EMEA The Americas Asia Australasia
Penetration Testing  ✓
Simulated Target Attack & Response
Threat Intelligence  ✓
Cyber Security Incident Response  ✓


Address: Waterside House
170 Priestley Road
Surrey Research Park
Telephone: +44 (0)1483 816000
Email: [email protected]
Contact: Alex Crompton
[email protected]
+44 (0)1483 816384Tim Orchard
[email protected]
+44 (0)1483 816266

BAE Systems Applied Intelligence develop, integrate and manage information intelligence solutions to help our clients deliver effective and secure services to citizens and customers. We also develop solutions to strengthen national security and resilience. We’re part of BAE Systems, a global defence and security company with over 100,000 employees worldwide.


Penetration Testing

Contact: Alex Crompton
[email protected]

BAE Systems Applied Intelligence provide a comprehensive range of  Security Testing services  which are aimed at both organisations seeking to understand their vulnerability to attack, and vendors and governments seeking to assure products to specific criteria.  Our unique understanding of the cyber threat allows us to test for vulnerabilities not just to indiscriminate attack, but also to the most advanced targeted cyber threats.  BAE System’s testing capability is truly global with resources in Europe, South East Asia and Australia, and North America.

Our Security Testing services include:

  • Application and infrastructure penetration testing
  • Mobile device assessment
  • Secure code review
  • Targeted Attack Resistance Assessment
  • Common Criteria evaluation
  • FIPS-140 testing

All of our security testing is carried out by experienced penetration testing experts who have a wealth of knowledge in a variety of information security domains including: development and implementation; governance, risk and compliance (GRC); networking and security architecture; and reverse engineering.

CREST Qualified Consultants:
Practitioner Security Analysts:  Yes
Registered Penetration Testers:  Yes
Certified Web Application Testers:  No
Certified Infrastructure Testers:  No
Certified Wireless Testers:  No

Simulated Target Attack & Response (STAR) Penetration Testing

Contact: Alex Crompton
[email protected]

BAE Systems offers a range of tailored, intelligence-led penetration testing services that assess the ability of our clients to detect and defend against the types of cyber attacks that are likely to actually affect their organisation.  We are able to provide country, sector and client specific threat intelligence using our in-house team or equally work with a customer or third party to derive a realistic and appropriately defined scope of work.

CREST Qualified Consultants:
Certified Simulated Attack Managers:  Yes
Certified Simulated Attack Specialists:  No

Simulated Target Attack & Response (STAR) Threat Intelligence

Contact: Adrian Nish
+44 (0)20 7812 4722
[email protected]

Our Cyber Threat Intelligence services provides a view of cyber attacks affecting organisations globally.  We provide actionable intelligence derived from our unique and rich set of sources, in the form of signatures which can be applied to network defences and reports aimed to give situational awareness.  We maintain a current intelligence picture for dozens of high priority threat actors.   Our threat intelligence also underpins our cyber Business Unit being critical to product and service roadmap.

CREST Qualified Consultants:
Registered Threat Intelligence Analysts:  No
Certified Threat Intelligence Managers:  Yes

Cyber Security Incident Response

Contact: James Allman-Talbot
[email protected]
Emergency Help:  0808 168 6647

 BAE Systems Applied Intelligence provides an expert incident response service certified by the CESG Cyber Incident Response scheme. We have 8 years experience in responding to advanced targeted attacks, financial fraud incidents, hacktivist attacks and insider fraud. Our experience in monitoring for cyber-attacks, war gaming new attack methods and our threat intelligence means we have in-depth knowledge of attacker methods and motives.

We combine our forensic, reverse-engineering, data analysis and incident management skills to ensure rapid understanding and remediation of the incident, while our technical and business expertise means that we minimise business impact. We can work with you to lead and investigate major incidents; or our technical services (such as forensics, log analysis, reverse engineering) can be provided on a standalone basis to support your investigations.

When an incident occurs, a timely and expert response can be critical to mitigating business and network impact. As such, we offer the following 3 levels of service:

Emergency            Rapid response with no prior agreement in place

Prepared               Commercials and review of network completed in advance to ensure rapid start on key investigation tasks

Retained                As prepared but with additional service levels to guarantee experts are on standby.

CREST Qualified Consultants:
Registered Intrusion Analysts:  Yes
Certified Network Intrusion Analysts:  Yes
Certified Host Intrusion Analysts:  Yes
Certified Malware Reverse Engineers:  No
Certified Incident Managers:  Yes

Security Architecture

CREST Qualified Consultants:
Registered Technical Security Architects:  Yes