SECFORCE vs NCC Group
Side-by-side comparison of SECFORCE and NCC Group for penetration testing services. Compare their services, accreditations, compliance expertise, pricing, and overall scores.
SECFORCE leads in our overall scoring, primarily on the strength of strong overall performance. That said, scores don't tell the full story — the right provider depends on your specific testing scope and compliance requirements. Both hold CREST accreditation, but their credentials diverge beyond that — SECFORCE additionally carries Cyber Essentials, while NCC Group holds CHECK and CBEST. NCC Group's CHECK status also makes it eligible for UK government testing. Both operate at a global level but from different home bases — SECFORCE in London and NCC Group in Manchester — which can affect response times and familiarity with local regulatory environments. There's a meaningful size gap: NCC Group (500+ team) brings deeper bench strength and capacity for concurrent engagements, while SECFORCE (11-50 team) offers the smaller firm advantage of senior-led engagements and direct access to principal consultants.
| SECFORCE | NCC Group | |
|---|---|---|
| Headquarters | London, United Kingdom | Manchester, United Kingdom |
| Founded | 2006 | 1999 |
| Team Size | 11-50 | 500+ |
| Pen Testers | — | — |
| Geography | Global | Global |
| Markets | UK, Europe, APAC, Middle East, Global | Global, UK, North America, Europe, APAC |
| Pricing | — | — |
| Services | Web ApplicationNetworkMobile AppIoTCloudAPIRed TeamingWirelessSource Code ReviewConfiguration ReviewVulnerability AssessmentAssumed BreachAI & LLM | Web ApplicationNetworkMobile AppIoTCloudAPISocial EngineeringRed TeamingPurple TeamingPhysicalWirelessSCADA/ICSVulnerability AssessmentSource Code ReviewConfiguration ReviewAssumed Breach |
| Accreditations | CRESTISO 27001Cyber Essentials | CRESTCHECKCBESTISO 27001SOC 2Cyber Essentials PlusNCSC AssuredPCI QSACouncil of Registered Ethical Security Testers |
| Compliance | ISO 27001PCI DSSGDPRNIS 2DORANIST CSF+1 | ISO 27001SOC 2PCI DSSGDPRNIS 2DORA+2 |
| Best For | EnterpriseMid-MarketGovernmentCritical InfrastructureStartup | EnterpriseGovernmentCritical Infrastructure |
| Methodologies | OWASP, OSSTMM, NIST, CREST, CBEST | OWASP, PTES, CREST, CBEST, OSSTMM, TIBER-EU |
Shared Services (12)
Only SECFORCE (1)
Only NCC Group (4)
Comparison FAQs
How does SECFORCE compare to NCC Group?+
SECFORCE is headquartered in London, United Kingdom and offers 13 services. NCC Group is based in Manchester, United Kingdom with 16 services. Both providers offer 12 services in common.
Which provider has more accreditations?+
SECFORCE holds 3 accreditations (CREST, ISO 27001, Cyber Essentials), while NCC Group holds 9 (CREST, CHECK, CBEST, ISO 27001, SOC 2, Cyber Essentials Plus, NCSC Assured, PCI QSA, Council of Registered Ethical Security Testers).
What services are unique to each provider?+
SECFORCE uniquely offers: AI & LLM. NCC Group uniquely offers: Social Engineering, Purple Teaming, Physical, SCADA/ICS.
Have you worked with SECFORCE or NCC Group? Help others decide.