NCC Group

We offer our services in the following countries:

EMEA The Americas Asia Australasia
Penetration Testing  ✓  ✓  ✓
Simulated Target Attack & Response  ✓  ✓
Threat Intelligence  ✓  ✓
Cyber Security Incident Response  ✓
Cyber Essentials  ✓  ✓  ✓


Address: XYZ Building
2 Hardman Boulevard
M3 3AQ
Telephone: +44 (0)161 209 5200
Email: [email protected]
Contact: Mark Turner
+44 (0)161 209 5224Lloyd Brough
+44 (0)161 209 5188
[email protected]

NCC Group is a leading global information assurance company, providing freedom from doubt that all critical material is available, protected and operating as it should be at all times.

Comprising the largest single penetration testing team of its type in the world, NCC Group provides information security services to thousands of customers worldwide.

Our tests are performed by experienced penetration testers with a wealth of knowledge in diverse IT disciplines including policy, design, implementation and development.


Penetration Testing

Contact: Mark Turner
+44 (0)161 209 5200
[email protected]

Our expert, highly skilled penetration testing specialists examine the current state of your infrastructure to assess the resilience of your security controls and to identify all the ways that an attacker might gain unauthorised access.

We can offer:

  • Infrastructure penetration testing
  • Application security testing
  • Network security testing
  • Remote access security testing
  • Wireless security testing
  • Mobile security testing

Through the application of rigorous methodologies, the use of automated scanning tools, customised proprietary scripts and manual techniques, we test for exploitable vulnerabilities that could allow unauthorised access to key information assets.

Our reports detail the security vulnerabilities within your infrastructure that could potentially be exploited in an attack.  They also recommend the best methods to secure the environment based on your unique internal business requirements and industry best practices.

CREST Qualified Consultants:
Practitioner Security Analysts:  Yes
Registered Penetration Testers:  Yes
Certified Web Application Testers:  Yes
Certified Infrastructure Testers:   Yes

Simulated Target Attack & Response (STAR) Penetration Testing

Contact: Ollie Whitehouse
+44 (0)1372 383819
[email protected]
Emergency Help:  +44(0)161 209 5148

NCC Group’s STAR service is delivered by its world-class red team from its technical assurance practice and its Piranha platform.  This delivery is backed up by a dedicated exploit development  who provide engineering support in the form of capabilities that model sophisticated threat actors.   Working closely with our own Threat Intelligence team provides time and cost savings whilst also enabling a full end to end collaborative engagement.  Our service allows organisations to understand their true susceptibility to advanced real world attacks and the maturity of their detection and response..

CREST Qualified Consultants:
Certified Simulated Attack Managers:  Yes
Certified Simulated Attack Specialists:  Yes

Simulated Target Attack & Response (STAR) Threat Intelligence

Contact: Tim Haines
+44 (0)161 209 5148 (24 hour)
[email protected]

NCC Group’s Threat Intelligence services are focussed on providing clients with timely, actionable intelligence focussed on the business implications of both the threat and threat mitigation activities.  Our intelligence is developed from a broad spectrum of intelligence sources and underpinned by deep technical understanding. Analysis of threat actors, their intent and capability, is combined with a comprehensive knowledge of threat vectors, target systems and their vulnerabilities..

CREST Qualified Consultants:
Registered Threat Intelligence Analysts:  No
Certified Threat Intelligence Managers:  Yes

Cyber Security Incident Response

Contact: David Cannings
+44 (0)161 209 5438
[email protected]
Emergency Help: +44 (0)161 209 5148 (24 hour)

NCC Group’s Cyber Defence Operations (CDO) provide Incident Response services to help clients understand, contain and mitigate breaches and Cybersecurity incidents.  Our incident response and forensic services include:

  • Incident Response & Breach Support
  • Digital Host and Network Forensics
  • Managed Detection and Response Services
  • 24/7 Network Threat Monitoring
  • Malicious code detection
  • Advanced persistent threat and malware analysis
  • Cyber Incident and Forensic readiness reviews
  • First responder training courses
  • Ad hoc IR and forensic advice and consultancy

CREST Qualified Consultants:
Practitioner Intrusion Analysts:  Yes
Registered Intrusion Analysts:  Yes
Certified Network Intrusion Analysts:  Yes
Certified Host Intrusion Analysts:  Yes
Certified Malware Reverse Engineers:  No
Certified Incident Managers:  Yes

Cyber Essentials

To find out more about our Cyber Essentials service, please click here.