brought to you by

Machine Learning + Human Centred Design
= Next Generation Cyber Defence

Cyber attacks continue to rise in terms of volume, sophistication and impact. Against a backdrop of an ever-increasing cyber skills gap and growing volumes of data and alerts, the cognitive burden on cyber analysts is increasing at an astonishing rate making it ever harder to hunt down attackers and protect your network.

We believe the future of cyber defence lies in the powerful partnership between humans and machines.  Those organisations that will continue to protect their assets, in light of these growing threats, will be those that recognise this partnership and invest in flexible solutions that easily integrate with their existing architecture and leverage the power of machine learning. This is the key to reducing the cognitive burden on our cyber analysts and better protection of our networks.

Sherpa is a research project by Deep Sky Blue which brings together machine learning and human centred design techniques with the aim of making a cyber analysts job easier by combatting the impact of cognitive depletion.


Estimated shortfall of cyber analysts by 2019.

Source: Forbes

Leading EDGE Cyber Research

Built in collaboration with the MOD’s Defence Science and Technology Laboratory (Dstl), our Sherpa prototype takes feeds of events from both network and host based detection systems and applies machine learning techniques to automate aspects of the cyber event triage process.


Sherpa’s machine learning algorithms learn from Cyber Analyst’s input to help identify attack patterns i.e. the Tactics, Techniques and Procedures (TTPs) being used by attackers. Sherpa is alsoable to recommend Courses of Action (COAs) in response to events and improve recommendations over time in line with feedback.

Designed for humans, Sherpa’s user experience induces the psychological state of flow, creating a more natural workflow for cyber analysts. Our prototype was designed to reduce the number of subconscious micro-decisions a cyber analysts needs to make with the aim of helping them remain focused and more effective for longer.





Aims to manage the intrinsic cognitive load of a cyber analysts role by:


  • Auto prioritisation of events
  • Auto discovery of TTPs / attack patterns as they deploy over days, weeks, or months
  • Recommendation of COAs




  • Aims to induce a state of ‘flow’, helping cyber analysts stay focused for longer and reducing cognitive burden
  • UX design, influence by phycology and human-machine interface design includes features that aim to reduce extraneous cogntive load





Sherpa is a great example of how research, development and innovation forms an underpinning value at the heart of our business:

At Deep Sky Blue our passion for technology and making a difference in the world drives us to innovate. We know that in the fast moving world of technology, to stand still is to go backwards and so we invest in an active Research and Development pipeline. out of which we develop new and innovative ways of solving the challenges of tomorrow. This also gives our people the opportunity to work with leading edge technology, tools and techniques 

TALK TO US ABOUT HOW OUR Research and expertise can

Give your Cyber Analysts the capability

they need to perform at their best.


Contact Us

To find out more about our exciting research, get in touch now:

The Sherpa cyber defence capability has been designed
and built by Deep Sky Blue Solutions Limited.


our locations

Cheltenham Office
Deep Sky Blue,
Office 42
Cheltenham Office Park,
Hatherley Lane,
GL51 6SH

Manchester Office
Deep Sky Blue,
The Innovation Centre,
Keckwick Lane,

© Copyright 2017. Deep Sky Blue Solutions Limited. All Rights Reserved.
Deep Sky Blue and the Deep Sky Blue logo are Registered Trade Marks of Deep Sky Blue Solutions Limited