NCC Group vs Secarma
Side-by-side comparison of NCC Group and Secarma for penetration testing services. Compare their services, accreditations, compliance expertise, pricing, and overall scores.
NCC Group leads in our overall scoring, primarily on the strength of industry accreditations and team research and activity. That said, scores don't tell the full story — the right provider depends on your specific testing scope and compliance requirements. Both hold CREST accreditation, but their credentials diverge beyond that — NCC Group additionally carries CBEST and SOC 2, while Secarma holds Cyber Essentials. From a delivery standpoint, NCC Group operates globally from Manchester, while Secarma operates at a national level out of Manchester. This matters for on-site testing, time zone alignment, and regional regulatory knowledge. There's a meaningful size gap: NCC Group (500+ team) brings deeper bench strength and capacity for concurrent engagements, while Secarma (11-50 team) offers the smaller firm advantage of senior-led engagements and direct access to principal consultants.
| NCC Group | Secarma | |
|---|---|---|
| Headquarters | Manchester, United Kingdom | Manchester, United Kingdom |
| Founded | 1999 | 2001 |
| Team Size | 500+ | 11-50 |
| Pen Testers | — | — |
| Geography | Global | National |
| Markets | Global, UK, North America, Europe, APAC | UK, Europe |
| Pricing | — | — |
| Services | Web ApplicationNetworkMobile AppIoTCloudAPISocial EngineeringRed TeamingPurple TeamingPhysicalWirelessSCADA/ICSVulnerability AssessmentSource Code ReviewConfiguration ReviewAssumed Breach | Web ApplicationNetworkMobile AppCloudWirelessRed TeamingVulnerability AssessmentConfiguration ReviewIoT |
| Accreditations | CRESTCHECKCBESTISO 27001SOC 2Cyber Essentials PlusNCSC AssuredPCI QSACouncil of Registered Ethical Security Testers | CRESTCHECKISO 27001Cyber EssentialsCyber Essentials PlusNCSC Assured |
| Compliance | ISO 27001SOC 2PCI DSSGDPRNIS 2DORA+2 | ISO 27001PCI DSSGDPRCyber EssentialsNIST CSF |
| Best For | EnterpriseGovernmentCritical Infrastructure | SMBMid-MarketEnterprise |
| Methodologies | OWASP, PTES, CREST, CBEST, OSSTMM, TIBER-EU | OWASP, PTES, NIST, CREST |
Shared Services (9)
Only NCC Group (7)
Only Secarma (0)
Comparison FAQs
How does NCC Group compare to Secarma?+
NCC Group is headquartered in Manchester, United Kingdom and offers 16 services. Secarma is based in Manchester, United Kingdom with 9 services. Both providers offer 9 services in common.
Which provider has more accreditations?+
NCC Group holds 9 accreditations (CREST, CHECK, CBEST, ISO 27001, SOC 2, Cyber Essentials Plus, NCSC Assured, PCI QSA, Council of Registered Ethical Security Testers), while Secarma holds 6 (CREST, CHECK, ISO 27001, Cyber Essentials, Cyber Essentials Plus, NCSC Assured).
What services are unique to each provider?+
NCC Group uniquely offers: API, Social Engineering, Purple Teaming, Physical, SCADA/ICS, Source Code Review, Assumed Breach Testing. Secarma uniquely offers: no unique services.
Have you worked with NCC Group or Secarma? Help others decide.