ESPROFILER Handbook
Company

About

A high-level overview of ESPROFILER.

Company Information

The following table provides key information useful for commercial purposes:

Attribute | Value
CEO | Louis Antani Holt
CRO | John Matthew McCann
CPO | Joe Pavitt
General Mailbox | info@esprofiler.com
Billing Mailbox | billing@esprofiler.com
Legal Name | ESPROFILER LTD
Trading Name | ESPROFILER
Company Type | Private Limited Company
Financial Year | 1 August – 31 July
Founded | 1 July 2020
Company Number | 12711421
VAT Number | GB378676921
DUNS Number | 226037300
Registered Office | Midway House, Herrick Way, Staverton, Cheltenham, England, GL51 6TQ
Certifications | Cyber Essentials Plus

1. Who We Are For

Enterprise CISOs:

  • $1B+ revenue organizations
  • 10,000+ headcount
  • Managing complex, multi-vendor portfolios (75+ tools)

Also:

  • Security Architecture leaders responsible for portfolio strategy

2. The Core Problem We Solve

Portfolio Operating Layer

Security portfolios are dynamic—constantly evolving with threats—but are still managed like static inventories.

Result:

  • Misalignment between capabilities and threats
  • Poor alignment with renewal cycles
  • Ineffective governance models

3. Our Category (What We Actually Are)

ESPROFILER is a continuous intelligence layer that transforms how enterprises:

  • Manage
  • Interrogate
  • Invest in
  • Optimize

their security portfolios.


4. Why We’re Different

Unlike point-in-time assessments or generic AI tools, ESPROFILER:

  • Continuously models your live portfolio
  • Maps capabilities against:
    • MITRE ATT&CK
    • NIST
    • Custom architectures
  • Overlays:
    • Spend
    • Contracts
    • Utilization

Outcome:
Decision-ready intelligence that enables security leaders to:

  • Invest with precision
  • Act with confidence
  • Stay aligned to evolving threats

5. Proof

A. Deployment Context

  • Enterprise environments with:
    • 260+ tools
    • $200M+ annual cost
    • 35+ monthly renewals
  • Applied across 150+ vendors
  • Used in highly regulated industries
  • Identified $14M in redundant spend (example customer)

B. Mechanism Depth

Core Principle

The platform merges:

  1. External market intelligence
  2. Internal operational data

These are correlated and enriched across four intelligence layers to model the security architecture.


Intelligence Layers

1. Market Intelligence

  • Autonomous agents scan the global market
  • Profiles:
    • 10,000+ vendors
    • 21,000+ products
  • Feature-level, marketing-free analysis

2. Capability Intelligence

  • Maps product features to frameworks:
    • MITRE ATT&CK
    • NIST
  • Explains how tools contribute to defensive outcomes

3. Commercial Intelligence

  • Ingests:
    • Contracts
    • Spend
    • Licensing
  • Matches against market data

4. Human Intelligence

  • Tracks:
    • Tool utilization
    • Product ownership
  • Syncs with enterprise directories via:
    • Agent Tasks
    • ESPROFILER Intelligence Co-Pilot

Initial Assessment Outputs

Organizations gain:

  1. Commercial Visibility
    • Costs
    • Renewal timelines
  2. Baseline Capability Model
    • Detailed, capability-aware architecture model
  3. Shadow IT Discovery
    • Identification of:
      • Non-security tools
      • Independently purchased technologies

Continuous Assessment Capabilities

  1. Automated Internal Synchronization
    • Continuous syncing with enterprise systems
    • No manual updates required
  2. Real-Time Market Updates
    • Weekly vendor tracking
    • 30-day product update cycles
  3. Dynamic Ownership Tracking
    • Real-time accountability for tool ownership

Data Sources

Internal data is ingested from:

  • Procurement systems (e.g., SAP, Coupa)
  • Asset inventories / CMDBs
  • Application scanners
  • Identity provider (IdP) systems

Onboarding:

  • Initial flat file import
  • Ongoing updates via iEngine integration framework

Data Security & Isolation

  • Fully isolated, dedicated tenant environments
  • No data co-mingling
  • Encryption:
    • At rest
    • In transit

Data Freshness

External Intelligence:

  • Weekly updates across 410,000+ companies
  • 30-day product monitoring cycles

Data Mapping

Mapped against:

1. Market Intelligence Catalog

  • 10,000+ vendors
  • 21,000+ products
  • 162,000+ features

2. Security Frameworks

  • MITRE ATT&CK, ICS, Mobile ATLAS
  • MITRE D3FEND
  • NIST CSF, ISO
  • Internal taxonomies

AI & Data Usage

  • AI operates under strict contractual agreements
  • Customer data:
    • Not used for training
    • Not shared with third parties

6. Continuous Value

Security portfolios are constantly evolving due to:

  • Product updates and feature expansion
  • Mergers and acquisitions
  • Native security features in platforms (e.g., GitLab, cloud providers)
  • Independent contract renewal cycles
  • Regulatory and framework changes
  • New tooling adoption

ESPROFILER provides:

  • Continuously updated models of:
    • Capability
    • Coverage
    • Commercial timing

Without it:

  • Organizations revert to static documentation
  • Manual reconciliation becomes necessary

7. Why Now

1. Vendor Capabilities Are Changing Faster Than Governance

AI-native features and acquisitions mean tools evolve rapidly.
Annual reviews cannot keep up.


2. Security Spend Is Under Board-Level Scrutiny

CFOs and boards demand:

  • Justification of spend
  • Measurable outcomes

Most CISOs lack the data to confidently support this.


3. Portfolios Have Outgrown Manual Management

Security now extends beyond traditional tools into:

  • Development platforms (e.g., GitLab)
  • Cloud services
  • Productivity tools (Microsoft, Google)

Reality: Shadow IT is now the norm.


ESPROFILER exists for this moment—where portfolio complexity exceeds traditional management approaches.
