Skip to main content
Digital Marketplace

Beta Help us improve the Digital Marketplace - send your feedback

ALCHEMMY CONSULTING LIMITED

Breach & Attack Simulation and Continuous Validation of Security Performance

Alchemmy provides threat-informed, evidence-based consultancy to enhance security operations. Utilising Breach and Attack Simulation technology, we demonstrate potential attacker methods using the latest scenarios, offering a safe way to assess how your security defences would respond. Our customisable services support and extend red/purple team assessments.

Features

  • Real-time security posture visibility: assesses and explains maturity
  • Security controls configuration check: ensures proper setup and function
  • Security tools, people, and processes test: handles known threat behaviour
  • Highly collaborative engagement: partners with client's security teams
  • Comprehensive reporting: includes remediation recommendations
  • Fast, scalable, cloud-based security testing: automated deployment
  • Augment Red/Purple Team operations: with automated testing
  • Internal & External Attack Surface assessments: evaluates security vulnerabilities
  • Ransomware resilience testing: evaluates defences through simulated ransomware scenarios
  • Flexible service models: adapt to diverse client needs and scales

Benefits

  • Clear visibility: assesses live security control effectiveness
  • Identifies gaps: prioritises remediation effectively
  • Independent verification: confirms improvement effectiveness
  • Comprehensive threat coverage: across various scenarios
  • Realistic insights: safely simulates real-world threats
  • Live situational awareness: explores response to potential breaches
  • End-to-end posture visibility: across multiple controls
  • Reduced manual effort: enhances cost-effective scalability
  • Objective metrics: informs security decision-making
  • Better risk control: manages exposure effectively

Pricing

£479 to £1,705 a unit

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@alchemmy.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

5 2 7 8 3 0 7 9 8 3 4 4 9 4 5

Contact

ALCHEMMY CONSULTING LIMITED Alchemmy Consulting Limited
Telephone: +44 (0)207 112 8651
Email: bidteam@alchemmy.com

Planning

Planning service
Yes
How the planning service works
Our services include configuration or capability changes to cloud or physical infrastructure, emphasising improvements in security controls, application refactoring, and system upgrades. These offerings align with business analysis, solution design, and security architecture as part of our planning services to enhance security effectiveness and resilience.
Planning service works with specific services
No

Training

Training service provided
No

Setup and migration

Setup or migration service available
No

Quality assurance and performance testing

Quality assurance and performance testing service
Yes
How the quality assurance and performance testing works
Our services include comprehensive quality assurance and performance testing. We utilise continuous validation of security performance, employing Breach and Attack Simulation (BAS) and various testing techniques to assess the effectiveness of security controls against real-world cyber threats. We ensure that security measures are robust, effective, and capable of handling both current and emerging threats, providing continuous monitoring and validation of your security posture. Through these services, we aim to guarantee the efficacy and reliability of your security infrastructure.

Security testing

Security services
Yes
Security services type
  • Security strategy
  • Security design
  • Cyber security consultancy
  • Security testing
Certified security testers
Yes
Security testing certifications
CREST

Ongoing support

Ongoing support service
Yes
Types of service supported
Hosting or software provided by a third-party organisation
How the support service works
We support cloud hosting or software services through our security performance validation services, which are typically delivered via the cloud under a Software as a Service (SaaS) model. Our services include the deployment of Breach and Attack Simulation platforms onto target IT infrastructure, which can be tailored to operate in cloud environments managed by third-party organisations. This involves continuous assessment of security controls, real-time security posture monitoring, and providing actionable insights to enhance cloud security effectiveness.

Service scope

Service constraints
None

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 24 hours during the week; different response times at weekends
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Support levels
Our support revolves primarily around security performance validation services, delivered as managed services. This includes ongoing security control assessments, quarterly reporting, and specific tests against real-world threat scenarios. We engage collaboratively with customers' security operations teams to provide continuous feedback and guidance on security posture improvement.

Pricing details for our various support levels are outlined in our Pricing PDF, available on the Digital Marketplace. This document provides a detailed breakdown of costs associated with each level of service and support we offer.

We do provide dedicated support roles such as technical account managers as part of our service offering. These professionals work closely with clients to manage the service delivery, understand specific security needs, and ensure that our services are aligned with client objectives effectively, enhancing the overall security posture and response capabilities.

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
AttackIQ/MITRE ATT&CK & Cymulate

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BM TRADA
ISO/IEC 27001 accreditation date
12/02/2024
What the ISO/IEC 27001 doesn’t cover
ISO27001 is comprehensive as the gold standard for information security. There are certain security controls outlined in ISO that Alchemmy does not cover as the control statements are not applicable to our business (e.g. 'Regulation of cryptographic controls'). Otherwise, Alchemmy has full relevant coverage at 'Managed' and 'Optimised' levels
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Sustainability is at the forefront of everything Alchemmy does. Given our commitment to delivering environmental benefits, including reducing greenhouse gas emissions, we have made ‘Greener Alchemmy’ a central pillar of our 5-year growth plan. We recently recalculated our carbon footprint to understand how to reduce our carbon footprint most effectively. These reduction efforts are captured in our Carbon Reduction Plan (CRP), and include ‘cycle to work’ and e-vehicle schemes. Improvements to our CRP are informed by our recent experience advising DfT and eight other government bodies on how to improve procurement policies in light of the UK’s 2050 Net Zero target.

This company-wide environmental policy ensures that sustainability is methodically anchored in our operations. We identify, manage, monitor, and control our environmental issues holistically through our Environmental Management System (EMS), and have recently developed an EMS for a client. We endeavour to comply with all relevant social and regulatory requirements and go above and beyond to ensure that we are making the right impact where it is needed most.

We also seek to influence our staff, suppliers, customers and communities to support environmental protection through a variety of social media and other campaigns. We have organised several relevant events, with cross-sector leaders discussing, for example, ‘Digital Sustainability’ and ‘Innovation in the Public Sector’.

Covid-19 recovery

At Alchemmy, we are doing what we can to help communities manage and recover from the impact of COVID-19. Many of our consulting projects help organisations deliver their services in new ways, whether developing the operating model for a HealthTech company, partnering with a start-up focused on the ‘future of work’, or implementing software and change management programmes for public bodies.

Some of our largest clients are in the rail sector,where we recently mapped commuter and leisure personas to help a train operator improve its post-COVID travel solutions, and government,where we are currently helping an ALB plan its 10-year transformation, including significant changes to workplace conditions.

We have also worked hard to support the physical and mental health of our own staff affected by COVID-19. We Plan, Do, Check and Act (PDCA) regularly to ensure that our projects are sustainably delivered. Alchemmy used this PDCA approach to remain agile and innovative and to manage risks during the pandemic.

Our commitment to ‘do the right thing’ for our people promoted resilience during this time, with our senior leadership team monitoring the global situation and developing numerous contingency plans. Once we felt the need to act, we communicated with our staff and sought their views, and we have always encouraged our people to make the most of flexible working arrangements. Doing the right thing and placing trust in our people to work remotely not only allowed them to continue supporting clients during the height of COVID, but also contributed to their own welfare during that period of time.

Tackling economic inequality

As an SME, we appreciate the importance of entrepreneurship. In project delivery, our Growth Strategy practice works almost exclusively with small organisations—helping them expand geographically, launch new products, and secure growth funding. We focus on sectors where addressing economic inequality is either a primary concern (e.g. central government) or a clear secondary aim (e.g. improved rail connectivity).

We also create opportunities for partner organisations and individuals (via our associate network) and maintain a 100% on-time payment record. This creates a diverse and resilient supply chain with increased capacity, as well as giving us experience of collaborating with a wide range of prime, subcontractor, and consortium organisations. We have created additional employment opportunities through our graduate recruitment scheme and by setting up offices in Manchester.

We create training opportunities by creating client-consultant teams (valuable in high demand/skills gap areas, such as product ownership and business analysis), ensuring upskilling of client teams is built into all of our delivery plans and embedding best-in-class software products into our delivery. These SaaS tools also enable innovative and disruptive approaches, allowing us to increase productivity and develop scalable methodologies which we future-proof through a range of internal training, book clubs, speaker events, and an Innovation Hub. Our staff have multiple other accreditations, including Prince2, Lean Six Sigma, Agile, and we support new joiners pursue those and other qualifications during and after project delivery.

Recently we set up a mentoring programme in which Alchemmy employees introduce school children to the business world and guide and inspire them to otherwise unconsidered opportunities. Our charity in 2023 was Just a Guy, this included hosting panel events in our offices so students could interact and ask questions of our Alchemmists.

Equal opportunity

Within Alchemmy, we are dedicated to fostering an inclusive environment and advocating ethical business practices—underpinned by our organisational values of ‘Doing the Right Thing’, ‘Succeeding Together’ and ‘Being Ambitious’.

To prevent salary inequality, we peg staff to a standard progression scale which guarantees that everyone at the same level is remunerated equally and provides transparency on future earning potential. Our review cycle is every 6 months to support in-work progression and increase the rate at which employees move into higher paid roles.

Our recruitment processes and culture support this equal opportunity approach. All first-round interviews are blind, phone-based discussions, and we partner with an apprenticeship agency to provide increased opportunities for young people by embedding them into projects with an opportunity for full-time employment.

We also prioritise learning and development, investing in our people to nurture their skills within a culture of diversity, inclusion, and respect. We offer staff an annual training allowance as well as running interactive sessions, weekly tech teach-ins, and fortnightly knowledge transfer presentations. ‘Coaching’ training, a reverse mentoring scheme, and the ongoing help of employees’ Counselling Managers all ensure that people have the opportunity to thrive at Alchemmy and beyond.

We expect the same commitment to equality and diversity from our suppliers, subcontractors, and clients. We have helped clients be compliant with equality legislation during recruitment campaigns (including identifying fair ways of attracting/assessing candidates, reviewing proposed salaries, and ensuring campaigns follow e.g. the Guaranteed Interview Scheme).

We are also committed to reducing the disability employment gap. We are proud to have recently been admitted to the Armed Forces Covenant to cater for military veterans. All our staff and subcontractors must adhere to our Health and Safety policy, and despite not being required to do so, we have adopted a Modern Slavery policy.

Wellbeing

At Alchemmy, we are committed to supporting the physical and mental health and wellbeing of our staff. We take a structured approach to this by promoting remote and flexible working, allowing staff to book ‘wellness days’ off, providing staff with access to physical and mental health support via a third-party provider, and ensuring every employee has a Counselling Manager to support their personal and professional development. We hold a company-wide meeting every fortnight and organise regular social events to build a fun and inclusive community for our staff and partners. Through our various wellbeing committees (Alchemmy Gives, Alchemmy Green, Alchemmy Sports) we organise formal initiatives such as educational talks, fitness challenges, meditation, coffee mornings. Junior colleagues are regularly involved in organising these initiatives, with strong representation on our Diversity and Inclusion team.

Alchemmy has a robust support network in place for staff at all levels, with regular check-ins both one-on-one and in wider groups, enabling concerns to be raised and addressed. Feedback from staff, such as ability to access mental health support, is tracked via our quarterly pulse survey and dedicated action plans are developed to drive continuous improvement, ensuring we create an environment all our staff can thrive in.

Alchemmy believes in playing a positive role in society by fundraising and volunteering our time to causes that matter to our people. Every year we run a company-wide Corporate Social Responsibility (CSR) day where we volunteer our time to a local cause. We also give all Alchemmists two days of leave each year to spend on volunteering in CSR activities. We support a nominated charity on an annual basis – building stronger relationships and encouraging greater involvement than simply donating money – and we have formalised a partnership with FareShare who provide millions of meals weekly to vulnerable people.

Pricing

Price
£479 to £1,705 a unit
Discount for educational organisations
Yes

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@alchemmy.com. Tell them what format you need. It will help if you say what assistive technology you use.