Behavioral Threat Management for Protective Operations
We identify the people behind the posts before they become the people at the door.
Aegis Research Group is a protective intelligence firm purpose-built for executive protection. We conduct behavior-based threat assessments, manage persons of interest investigations, and deliver structured intelligence products to the security teams responsible for high-profile individuals.
Grievance-driven fixation, leakage, pathway-to-violence indicators, doxxing, and coordinated harassment rarely stay online. We exist to close the gap between digital behavioral signals and physical security decisions — before concerning behavior becomes a credible threat.
Collect
Continuous open-source monitoring across platforms, forums, and dark web surfaces
Assess
Behavioral threat assessment — fixation, grievance, capability, and intent scoring
Deliver
Tiered alerts, POI profiles, and structured briefings your team can act on immediately
Intelligence products built for threat management programs.
Every output is designed for security professionals who need to distinguish between concerning behavior, grievance-driven communications, harassment, disruptive activity, and credible threats of violence. Structured intelligence your team can trust, act on, and brief upward.
Behavioral Threat Assessments
Structured assessments on persons of interest — behavioral indicators, credibility, severity, escalation potential, protective factors, and recommended mitigation options. Aligned with ATAP, WAVR-21, and FBI BAU methodologies.
POI Investigations & Watchlists
Comprehensive person-of-interest investigations where there is a defined direction of interest. Platform identifiers, behavioral history, risk and protective factors, investigative gaps, and recommended next steps.
Continuous Monitoring & Alerts
24/7 open-source monitoring across social platforms, forums, and media. Tiered alerting calibrated to threat level — from routine flagging to immediate BOLOs and protective notifications.
Briefings & Intelligence Products
Written assessments, executive briefings, BOLOs, and structured intelligence products for Corporate Security, Executive Protection, Legal, Communications, and cross-functional partners.
Trend Analysis & Threat Metrics
Tracking hostile narratives, conspiracy amplification, recurring threat indicators, and coordinated campaigns. Pattern identification that helps teams prioritize resources and anticipate escalation.
Case Management & Documentation
Structured documentation of investigative findings, behavioral observations, risk factors, protective factors, investigative gaps, and recommended actions — supporting the full threat management lifecycle.
Protective Intelligence Support
Pre-advance digital reconnaissance, event-specific threat scans, real-time monitoring for travel and appearances, and awareness of individuals, groups, and online communities presenting disruptive or threatening interest.
Structured frameworks. Repeatable intelligence.
Our methodology is built on recognized behavioral threat assessment frameworks adapted for the pace of executive protection. Every engagement follows the same disciplined cycle — no ad hoc work, no guesswork, no unstructured analysis.
Intake & Threat Landscape Mapping
Structured intake with your CSO or security leadership — understanding the principal's public profile, known threat history, digital footprint, and operational environment. This defines the collection plan and establishes the behavioral baseline.
Collection & Continuous Monitoring
Tiered open-source collection across social platforms, forums, media, public records, and dark web surfaces. Frequency calibrated to threat level — from broad surveillance sweeps to hourly critical-term monitoring. OSINT tradecraft applied to fragmented and ambiguous sources.
Behavioral Threat Assessment & Classification
Every flagged actor is assessed using structured behavioral threat assessment frameworks aligned with ATAP, WAVR-21, and USSS NTAC methodologies. We evaluate grievance, fixation, leakage, identification, escalation trajectory, pathway-to-violence indicators, capability, destabilizers, and protective factors. Graduated classification separates concerning behavior from grievance-driven activity, harassment, disruptive conduct, and credible threats of violence.
Intelligence Delivery & Case Management
Tiered alerts matched to severity — from routine monitoring updates to BOLOs and immediate protective notifications. Written assessments, briefings, and intelligence products delivered to Executive Protection, Corporate Security, Legal, Communications, and cross-functional partners. Full case documentation with investigative findings, risk factors, gaps, and recommended next steps.
Built for the people responsible for protection.
Our clients are security professionals, threat managers, and their cross-functional partners — not consumers. We work alongside the teams already protecting people, adding the behavioral threat intelligence layer that most protective operations are missing.
Executive Protection & Threat Management
EP teams, detail leaders, and CSOs who need behavioral threat intelligence integrated into protective operations — advance work, route planning, real-time situational awareness, and structured threat assessment products they can act on and brief upward.
Corporate Security & Cross-Functional Partners
Security programs managing threat landscapes around executives, board members, and public-facing leadership. We deliver intelligence products built for Corporate Security, GSOC, Legal, People, Communications, Information Security, and Resilience teams.
Legal & Crisis Management
Attorneys, crisis communications firms, and litigation teams who need evidentiary-grade behavioral assessments on harassment campaigns, stalking patterns, or hostile actors — with documented investigative findings, risk factors, and case management support.
Family Offices & UHNW Advisors
Advisors and security consultants protecting high-net-worth families from digital exposure, doxxing, and grievance-driven threats. We coordinate with law enforcement, external investigative partners, and peer intelligence networks when escalation warrants it.
Start With a Conversation
Security decisions should never be rushed. We begin with a confidential conversation to understand your risk profile, environment, and expectations — no pressure, no obligation.
All conversations are confidential. We respect your privacy and discretion.