NCC Group
FTSE 250 global cybersecurity and software resilience firm offering technical assurance, managed detection, and incident response.
CompanyPenetration Testing FirmsCloud
Pricing: Custom (contact sales)
Updated June 2026.
What is NCC Group?
NCC Group was formed in 1999 when the National Computing Centre's commercial divisions were spun out and is headquartered in Manchester, listed on the London Stock Exchange. With 2,000+ staff across the UK, North America, Europe, and APAC, the group operates technical assurance, managed services, and software escrow divisions and is a founding CREST member.
Best for: Regulated enterprises and public-sector buyers wanting CREST-accredited testing, MDR, and software escrow under one global vendor
Pros
- ✓ Founding CREST member with deep accreditation across CHECK, CBEST, and TIBER-EU
- ✓ Recognised research output, including former Cryptography Services and Exploit Development Group
- ✓ Broad global delivery footprint with UK government-cleared consultants
- ✓ Combines offensive testing with MDR, IR, and escrow under one umbrella
Cons
- ✗ Public company under cost-discipline pressure with periodic restructurings
- ✗ Project-based pricing per engagement, no public rate card
- ✗ Breadth of services means specialist depth varies by region and practice
Key Features
→Penetration testing across applications, infrastructure, and networks
→Red team and adversary simulation aligned to CBEST, TIBER-EU, STAR
→Hardware, embedded, and IoT security assessments
→Cloud and container security review
→Digital forensics and incident response retainers
→Managed detection and response (MDR) and 24/7 monitoring
→Threat intelligence and threat hunting
→Cyber risk consulting and compliance advisory
→Software escrow and source-code verification
What People Are Saying
Real discussions and resources from the community.
Quick Info
| Pricing | Custom (contact sales) |
| Model | Project + retainer + managed services |
| Founded | 1999 |
| Cloud | Yes |
| Self-Hosted | No |
Last updated: Jun 2, 2026
NCC Group Alternatives
View All AlternativesBishop Fox
Offensive security firm pairing high-end penetration testing...IOActive, Inc.
Independent global research-driven security consultancy spec...Mandiant (part of Google Cloud)
Elite incident response and offensive security consultancy o...Praetorian
Offensive security firm delivering continuous penetration te...Trail of Bits
High-end security research and engineering firm known for de...
Offensive security firm pairing high-end penetration testing...IOActive, Inc.
Independent global research-driven security consultancy spec...Mandiant (part of Google Cloud)
Elite incident response and offensive security consultancy o...Praetorian
Offensive security firm delivering continuous penetration te...Trail of Bits
High-end security research and engineering firm known for de...
Certifications
CRESTCHECKCBESTTIBER-EUPCI DSSISO 27001