Technical Advisory Practice

NCI Security has extensive experience in providing best-in-class technical security solutions to government, corporate, and individual clients. Our team includes thought leaders in vulnerability research, data and event correlation, and security product design, implementation, and evaluation. NCI Security's intelligence analysis group ensures that security information is up-to-date, relevant, and actionable.

From staff augmentation to participation in and leadership of specific projects, NCI Security can help your organization manage tactical risk and respond to incidents in a controlled, methodical manner. Example technical advisory services include the following (click the headings for more detail):

• Vulnerability and Threat Analysis
  Our groundbreaking methodology for quantitative threat assessment has garnered multiple awards and accolades, and has resulted in validated risk reduction at organizations that have implemented it. Our team has multiple years of experience performing analysis of emerging vulnerabilities, both general and industry-specific. We can tailor a vulnerability analysis program to fit the needs of any organization.
• Security Event Monitoring / Correlation System Development
  Our staff has been involved in the development of state-of-the-art advanced correlation systems for new technologies such as Advanced Metering Infrastructure. The techniques developed for monitoring these networks are applicable to all complex network environments and can help detect anomalous behavior from security incidents to customer fraud.
• Secure Network Design and Testing
  Transmission of critical business and operational data requires a secure, robust network infrastructure. Our network engineers have been involved in designing and managing some of the world's most critical networks, from electric and gas operations to international financial networks processing trillions of dollars per day. We know how to design survivable, secure networks to protect your business.
• Security Product Design and Development
  Critical infrastructure owners have unique security requirements that can remain unaddressed by commercial product offerings. We have experience designing and customizing security products and services to meet specific business and risk reduction objectives. Our expertise extends into custom code and integration with other products.
• Security Testing
  From general network penetration testing to specific application and code review, we have the expertise to perform comprehensive security assessments with thorough, actionable reporting of results.
• Security Technology Evaluation, Recommendation, and Deployment
  When your business requirements specify a general set of security controls, we can help define, implement, and support appropriate risk reduction efforts. Our team is in the vanguard of technological development and can recommend successful strategies to secure your critical operations.
• Documentation and Presentation
  Creating technical documentation and presentations for a wide variety of audiences is difficult. We have experience in developing, editing, and presenting technical works for all levels of the organization, from the board room to the SOC.
• Classified and Public Intelligence Analysis
  Critical infrastructure requires continuous analysis of emerging threat and vulnerability information. We have access to some of the best open and non-public sources of information that is relevant, actionable, and vital to your security operation.