Technical Advisory Practice
NCI Security has extensive experience in providing best-in-class technical security solutions
to government, corporate, and individual clients. Our team includes thought leaders in
vulnerability research, data and event correlation, and security product design, implementation,
and evaluation. NCI Security's intelligence analysis group ensures that security information is
up-to-date, relevant, and actionable.
From staff augmentation to participation in and leadership of specific projects, NCI Security
can help your organization manage tactical risk and respond to incidents in a controlled,
methodical manner. Example technical advisory services include the following (click the headings for more detail):
Vulnerability and Threat Analysis
Our groundbreaking methodology for quantitative threat assessment has garnered
multiple awards and accolades, and has resulted in validated risk reduction at
organizations that have implemented it. Our team has multiple years of experience
performing analysis of emerging vulnerabilities, both general and industry-specific.
We can tailor a vulnerability analysis program to fit the needs of any organization.
Security Event Monitoring / Correlation System Development
Our staff has been involved in the development of state-of-the-art advanced correlation systems
for new technologies such as Advanced Metering Infrastructure. The techniques developed for
monitoring these networks are applicable to all complex network environments and can help
detect anomalous behavior from security incidents to customer fraud.
Secure Network Design and Testing
Transmission of critical business and operational data requires a secure, robust network
infrastructure. Our network engineers have been involved in designing and managing some of
the world's most critical networks, from electric and gas operations to international
financial networks processing trillions of dollars per day. We know how to design survivable,
secure networks to protect your business.
Security Product Design and Development
Critical infrastructure owners have unique security requirements that can remain
unaddressed by commercial product offerings. We have experience designing and
customizing security products and services to meet specific business and risk
reduction objectives. Our expertise extends into custom code and integration
with other products.
From general network penetration testing to specific application and code review, we
have the expertise to perform comprehensive security assessments with thorough, actionable
reporting of results.
Security Technology Evaluation, Recommendation, and Deployment
When your business requirements specify a general set of security controls, we can help define, implement,
and support appropriate risk reduction efforts. Our team is in the vanguard of technological development
and can recommend successful strategies to secure your critical operations.
Documentation and Presentation
Creating technical documentation and presentations for a wide variety of audiences is difficult.
We have experience in developing, editing, and presenting technical works for all levels of the
organization, from the board room to the SOC.
Classified and Public Intelligence Analysis
Critical infrastructure requires continuous analysis of emerging threat and vulnerability
information. We have access to some of the best open and non-public sources of information
that is relevant, actionable, and vital to your security operation.