Operational Intelligence

All stages of the policing life-cycle require quick, accurate and reliable answers to the who, what, when, where, why and how questions.

X Cyber’s proprietary, state of the art tooling augments traditional policing to enable answers to these questions in the online, mobile application and internet services environments.


  • Specialist capability engineered solely for police and security agencies workflow
  • Surgical insight into platform specific user data at scale
  • Bulk data entry for querying across multiple platforms
  • Constant system evolution and role out of fix/update
  • Full change log to track changes and updates
  • Powerful real time reconnaissance with digital asset retrieval
  • Highly compartmented operational usage
  • Correlation to multiple services in use by entity of interest
  • Precision investigations with digital asset retrieval viable for distribution
  • Ongoing tasking functionality


  • Ultra simple easy use interface for all users
  • Saves time and cost, with near real-time reporting
  • Drastically minimizes manual processing and workflow
  • Identify previously unknown, new leads and avenues for investigation
  • Greatly aids prioritization in time constrained situations
  • Policy compliance auto enabled via audit logs of all users
  • Aids preparation of lawful requests and relevant warrants
  • Multiple digital artifacts retrieved via simple query interface
  • Enables preventative policing by increasingly situational awareness
  • Tried and tested solution, delivers results. Target Agnostic


£120,000.00 to £10,000,000.00 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at london@xcybergroup.com. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

1 2 5 4 0 2 0 0 6 0 4 1 2 0 5


XCyber® X Cyber Group
Telephone: ‭02037096755‬
Email: london@xcybergroup.com

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
System requirements
  • Linux machine platforms capable of running Ubuntu 18.04
  • Machine platform infrastructure running Elastic Search 7

User support

Email or online ticketing support
Email or online ticketing
Support response times
Triaged issues are assessed for action - if the challenge is a major issue then it will attract a response on a 24x7 basis.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
Onsite support
Onsite support
Support levels
Remote support via phone or remote log in to service for troubleshooting and fault diagnostics. Costs as per unit pricing outside of agreed contract levels.
Support available to third parties

Onboarding and offboarding

Getting started
Onsite and offsite training is available, with documentation available.
Service documentation
Documentation formats
End-of-contract data extraction
When the contract ends the users are able to receive extracted data from their service in a fully post processed format.
End-of-contract process
At the end of the contract, we will process all the contractual agreements with regards to destroying data, returning data to comply with policy set out in the original contract. Data that is held in the service will be purged accordingly. This process is irrevocable and no other digital assets will remain. This process is included in the original contracted price.

Using the service

Web browser interface
Supported browsers
  • Firefox
  • Chrome
Application to install
Designed for use on mobile devices
Service interface
Description of service interface
User interface is a single entry point to query entity information from disparate platforms. The user interface connects to a set of services that run the input user data against a set of platforms to enumerate and aggregate the responses back via a single browser pane.
Accessibility standards
None or don’t know
Description of accessibility
Accessibility testing
Customisation available
Description of customisation
The service provided is highly scalable and can be enhanced as such for larger service demands.


Independence of resources
Use of clusters and per user scaling is enabled - this allows for single point queries through to bulk load queries into the service from multiple users at a time.


Service usage metrics
Metrics types
Total number of queries, daily, hourly - there are many different metrics that can be supplied. User definitions are flexible and can be tailored.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Other data at rest protection approach
Data at rest for a clients data is performed to the clients level of access control as per the agreed contracted terms and conditions.
Data sanitisation process
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
The data is held in a wholly enclosed cloud service and exporting of data is conducted in line with customer requirements as dictated by the contracted terms.
Data export formats
Data import formats
Other data import formats
Standard MSISDN

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
As per agreed contracted terms. Availability and SLAs (as a standard set) are available upon request.
Approach to resilience
As per agreed contracted terms; our standard resilience policy is available upon request.
Outage reporting
Via email alerts - or as determined by the client during contract discussions.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
All access is controlled by user defined roles and associated authority of those defined roles.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
XCyber have a security team headed up the Chief Information and Security Officer. The UK Government demands for information security are adhered to via the CISO office and all effective controls are viable for further scrutiny upon request.
Information security policies and processes
All pertinent UK Government information security policies and processes are adhered to. XCyber works with government agencies and the processes followed are available upon request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration and changes to systems must be submitted as a "change request" which in turn triggers a "ticket". This ticket is reviewed for priority and resource demand and when the work is completed, the change ticket is updated/closed. The ticketed change will be developed and tested off the production platform to ensure seperation and prevent issues to availabitlity
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Assessment of threats, patch upates and service issues are conducted via the technology teams within XCyber. The CISO and CTO are responsible for ensuring that threat assessments, CVEs and patching are compliant and effectively dealt with. All vulnerabilities are patched in line with recognised bodies.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
In line with supplier requirements, response times and potential compromises are dealt with as per contracted terms. Protective monitoring processes include constant scaled monitoring of devices and hardware to identify behavioural issues prior to malicious activity. The information security process provides detection and response capabilities across all of XCybers network.
Incident management type
Supplier-defined controls
Incident management approach
The incident management process covers events that can impact system availability, security and validity. When an incident occurs, it is triaged, prioritised and responded to according to the severity and likely impact. Incident response and the escalation process is dealt with via the internal teams.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£120,000.00 to £10,000,000.00 a unit
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at london@xcybergroup.com. Tell them what format you need. It will help if you say what assistive technology you use.