2025 Annual
Research Report
At NCC Group, our Research advances cyber security by discovering vulnerabilities, building open‑source tools, and translating insights into practical guidance for customers and the wider community.
Our projects span vulnerability research and exploitation, network and system security, malware and ransomware analysis/DFIR, applied cryptography, hardware & embedded systems/IoT, and software/AI security – with a track record of publishing reports and tooling that strengthen real‑world cyber resilience.
For over 25 years, NCC Group researchers have contributed deep technical insight across industry and academia, presenting at global conferences and collaborating with partners worldwide.
2000+
person-days of security research annually
280
Open-source tools & datasets authored by NCC authors on our public Github
150+
CVEs found since 2020
Research Articles
Research
State of the Art of Private Key Security in Blockchain Ops - 4. Approvals and Policies
Research Activities
Security Research Services
Our Security Research Services help organisations answer complex, high‑risk cyber security questions that lie beyond standard consulting.
This work:
- Is funded by customers
- Often requires exploration of previously untested hypotheses
- Draws on expertise across cryptography, hardware, AI, vulnerability research, secure systems engineering and more
- Has delivered major projects for the UK public sector and North American technology companies, with ongoing expansion into new geographies
These services can range from feasibility research and prototype development to deep technical investigations that improve resilience, reduce uncertainty, or validate future defensive approaches.
Exploit Development Group (EDG)
The Exploit Development Group is NCC Group’s cutting-edge exploitation team.
They:
- Deliver high‑impact research with global recognition
- Present at top‑tier conferences worldwide
- Compete in events such as Pwn2Own on behalf of NCC Group
- Provide bespoke exploit development support to our consultants
- Offer secondment opportunities that develop elite exploitation skills within our technical teams
EDG ensures NCC Group remains an industry leader in vulnerability discovery, exploitation, and advanced security research.
Academic Partnerships
Our academic partnerships extend NCC Group’s mission by collaborating with universities and research institutions to:
- Support PhD and Masters-level research programmes
- Shape undergraduate teaching through challenges, curriculum contributions and student projects
- Deliver STEM outreach and careers engagement
- Build awareness of NCC Group as a destination for future cyber security professionals
These collaborations provide access to new technologies and early theoretical developments, while enabling the next generation of talent to gain hands‑on experience with real-world security problems.
Commercial research enquiries
