ethical security testing
We offer a range of Ethical Security Testing services (also known as Penetration Testing) covering an array of real threats and designed to identify all areas of vulnerability. We use the up-to-date techniques, technologies and information sources used by genuine hackers, and we work to mitigate the identified risks and improve security measures, so our services involve far more than simply 'scanning' the network for weaknesses. Although automated testing services can be useful, hacking tricks, cheats and techniques evolve on a daily basis, so automated tests are quickly bypassed.
Our tests are performed 'hands-on' by experienced senior consultants who use the same methods and tools as hackers, in addition to developing their own. Our 'effective responsible disclosure policy' results in major vulnerabilities being identified and resolved with vendors. We also draw on the expertise of our Consultancy Assurance practice to ensure an all-round view of your organisation's information security.
Key areas of expertise include:
- Network security testing: We analyse the security of your networks, considering the potential for both an internal and external attack. Important for all organisations, it is essential for high profile or Internet businesses where breaches of customer confidentiality or fraud could result in bad publicity, loss of reputation and business
- Remote access and remote worker security: We ensure your organisation is equipped to manage the security risks that arise from remote and home working. Issues such as laptop security, home and remote worker security, VPN security and access to remote servers are considered
- Application security testing: We rigorously test your applications to ensure they are secure enough to cope with the transactions they are required to undertake (e.g. online banking and order processing)
- Social engineering: We cover the 'human element' associated with risk and how real threats such as unauthorised physical entry into buildings, obtaining sensitive information, impersonation and deception can be addressed
- Payment Card Industry Data Security Standard (PCI DSS): As a Qualified Security Assessor (QSA), our Approved Scanning Vendor team helps organisations who sell or take donations or payments by credit card to become and stay compliant with the PCI DSS, ensuring they do not risk fines or being permanently barred from the card acceptance programme in the event of a security breach.
- Forensics (Incident Response & Investigation Services): If your systems have been attacked, or if you require a forensically sound investigation of suspected computer abuse, our Computer Forensic Incident Response & Investigation Services deliver a professional service based on real technical expertise and investigation experience.