The EmilyAI v3.5 release is on track for an October release with the federated-learning preview that has been the team's principal research-and-engineering project for two years. The capability — cross-customer detection-content uplift while preserving customer-data confidentiality — addresses the cross-customer-data-sharing question that the Black Hat USA 2021 paper Q&A surfaced as a substantive industry concern and that the team's subsequent research work has been incrementally building toward.
The substantive content of the capability. The federated-learning architecture allows the EmilyAI per-customer models to incorporate detection-pattern uplift from the broader customer-base without exposing any customer-organisation data outside the customer-organisation tenant. The technical implementation uses model-parameter-aggregation across customer tenants with differential-privacy controls on the aggregation step, ensuring that no individual customer's data can be reconstructed from the aggregated model parameters. The uplift produces detection-pattern recognition that incorporates threat-pattern observations from the broader customer-base — a customer that has not directly observed a particular attack pattern can benefit from the pattern recognition that other customers' observations have produced.
The technical work behind this has been substantial. The team's first preprint on the federated-learning approach for cyber-detection was submitted in 2023 (and later accepted at USENIX Security 2024 as the team's third peer-reviewed conference paper). The subsequent engineering work to convert the research approach into a production-grade capability has been the principal team focus through 2024 and into 2025. The customer-organisation legal-and-compliance review across the customer base has been substantive — the customer-organisation contractual terms, the regulatory-environment-compliance posture (particularly post-NIS2 and post-DORA), and the customer-organisation board-level governance arrangements have all been worked through.
The customer-side reception of the v3.5 preview through the early-access programme of the past quarter has been positive. The detection-content uplift has been measurably substantive — the early-access customer measurements are showing approximately 12-18% improvement in incident-grade-class detection performance against cross-customer threat-pattern recognition that the per-customer-only models did not produce. The customer-organisation feedback on the privacy-and-confidentiality posture has been, on the careful review, validating — the customer-organisation legal-and-compliance teams have validated the architecture against both contractual and regulatory requirements.
The wider strategic point. The v3.5 federated-learning capability is the most substantive single product capability addition since the v3.2 language-model-integration release in May 2023. The strategic implication for the company is that the EmilyAI product trajectory continues to differentiate against the broader SOC-augmentation-tooling category. The competitive landscape has, through 2024-2025, produced multiple comparable offerings from major SIEM vendors and various specialist firms; the v3.5 federated-learning capability is, on the operational measure, ahead of the competitive offerings on cross-customer detection-uplift specifically.
The team. The lead engineer (now nine years in) is the architect of the federated-learning capability and has been the principal author of the corresponding research papers. The team is at forty-two at the moment, with the EmilyAI engineering function at approximately twelve full-time. The continued engineering and customer-success function expansion has been the principal hiring focus through 2024-2025.
I will write more as the v3.5 customer-deployment progresses through Q4. The team's work has, again, been excellent.