ISEC Partners, a pen-testing and security services consultancy that has been at the forefront of innovative research in the past half-decade, was acquired today by NCC Group of Manchester, England.
The Manchester Evening News reports the deal is worth £14.4M or just less than US$24M. NCC Group is a software escrow, application testing and secure access provider. This is NCC Group’s fourth acquisition in the network and security markets during the last two years; it has spent £40m during its shopping spree, the newspaper reports.
ISEC, meanwhile, offers penetration testing services, as well as secure development lifecycle services including secure framework development and fuzzing tool development and services. The company also touts its research capabilities. Its roster of researchers have been front and center at many major hacker conferences, including Source Boston and Black Hat Briefings.
This April at Source Boston, consultant Don Bailey and independent researcher Nick DePetrillo demonstrated research on cracking vulnerabilities in the GSM cellphone standard that could help track a user’s movements. At Black Hat 2009, iSEC researcher Zane Lackey and his partner Luis Miras demonstrated a MMS messaging spoof that would enable an attacker to interject himself in a message loop and act as the carrier. Also at Black Hat 2009, principal partner Alex Stamos conducted a session that alerted software as a service customers that they were not protected from government search and seizure actions against a SaaS provider. Stamos, in 2007, delivered a talk at Black Hat on vulnerabilities discovered in forensics software that could damage the credibility of evidence in a court case.
ISEC is based in San Francisco, and is expected to augment NCC’s UK business with a foothold in the U.S.