NCC Group’s Hardware and Embedded Services experts leverage decades of real-world engineering experience to provide pragmatic guidance on architecture and design, component selection, and manufacturing. It enables hardware and IoT producers to consider security in all phases of commercial product development, from first design to end-of-life, and advises organizations in implementing key security design principles and best practices into their hardware and embedded systems, including embedded OS protections, boot-chain of trust, and OTA update mechanisms, and provides silicon, circuit, and assembly review.
Headquartered globally in Manchester, UK, NCC Group is an FTSE 250-listed global expert in cybersecurity and risk mitigation. The firm advises global technology, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe. With North American headquarters in San Francisco, the firm has over 35 offices around the world, including North America offices in New York, Chicago, Seattle, Atlanta, Austin, and Waterloo.
Through acquisition, the company’s North American Security Consulting Division combines the most trusted and technical security consultancies on the continent, including iSEC Partners, Matasano, Intrepidus Group, NGS, and VSR. The company employs more than 2,000 people and is a trusted advisor to 14,000 clients worldwide. NCC Group security consulting has built a strong reputation in the industry and business circles, consistently tackling technically-challenging security problems, supported by a commitment and dedication to security research. NCC Group’s consultants
have published works and make regular appearances at major industry events, including Hardwear.io, Black Hat USA and Europe, DEFCON, Hack in the Box, OWASP Appsec USA, Re:Invent, RECon, RSA, Shmoocon, SOURCE, Toorcon, Amazon’s ZonCon, and Microsoft’s BlueHat Security Briefings. They have produced hundreds of research results, including conference presentations, technology standards, open-source tools, blogs, research papers, technical advisories, and whitepapers.