Praetorian vs NCC Group
Praetorian
Founded in 2010 by Nathan Sportsman and headquartered in Austin, Texas, Praetorian positions itself around 'continuous offensive security.' It pairs traditional consulting with Chariot, a platform combining external attack-surface management, continuous testing, and AI-driven workflow automation to surface exploitable issues on an ongoing basis.
Pros
- Chariot supports continuous, year-round testing rather than annual point-in-time pentests
- Strong engineering culture with mature internal tooling and automation
- Bootstrap-grown firm with stable leadership and long consultant tenure
- Service model designed to satisfy annual testing requirements across multiple frameworks in one program
Cons
- Chariot subscription pricing is enterprise-tier with no public list
- Primarily U.S.-based delivery with smaller international footprint
- Continuous-testing model is a poor fit for buyers needing only a single compliance pentest
Pricing: Custom (contact sales)
NCC Group
NCC Group was formed in 1999 when the National Computing Centre's commercial divisions were spun out and is headquartered in Manchester, listed on the London Stock Exchange. With 2,000+ staff across the UK, North America, Europe, and APAC, the group operates technical assurance, managed services, and software escrow divisions and is a founding CREST member.
Pros
- Founding CREST member with deep accreditation across CHECK, CBEST, and TIBER-EU
- Recognised research output, including former Cryptography Services and Exploit Development Group
- Broad global delivery footprint with UK government-cleared consultants
- Combines offensive testing with MDR, IR, and escrow under one umbrella
Cons
- Public company under cost-discipline pressure with periodic restructurings
- Project-based pricing per engagement, no public rate card
- Breadth of services means specialist depth varies by region and practice
Pricing: Custom (contact sales)