NGSSoftware

Intelligent Solutions for an Evolving World

In the fast–moving world of software security it pays to have allies you can trust. Government, business and software vendors all turn to the global expertise of NGSSoftware for the protection they need. You can rely on us too...

Read more on why you should choose NGSSoftware.

NGSSQuirreL

The world's most comprehensive database security assessment scanner.
The best tool for database vulnerability assessment, compliance and verification.
Accurate, fast and intuitive.

NGSSQuirreL is the best tool available for verifying the security posture of your organization's database infrastructure, performing accurate vulnerabilty assessments and policy verification. NGSSQuirreL is the trusted tool of choice for SOX, PCI and HIPAA compliance More about NGSSQuirreL >

"Overall I found NGSSQuirreL's power, flexibility, and speed impressive,... I highly recommend these products for auditing production and development SQL Server instances on a regular basis" – Michael Coles, SQLServerCentral.com

Download NGSSQuirreL trial »

Typhon III

Combining world class research & consultancy experience.
Incorporating over thirty distinct application modules.
Quickly and accurately assess enterprise environments.

NGSSoftware's Typhon III vulnerability scanner transforms the process of discovering and fixing infrastructure... More about Typhon III >

"This is the best general vulnerability scanner I've found with respect to dealing with security issues for database servers..., I was impressed with how rapid it was able to perform the scans and how accurate the reports were..., The documentation is awesome, especially when it discovers a vulnerability" – Brian Kelley, SQLServerCentral.com

Download Typhon III trial »

Featured Client Testimonial

AnchorIS logo

"Vulnerability clearing houses like CERT used to be well-regarded arbiters of what matters in security. But now CERT has a reputation of selling off vulnerability information to private parties, and researchers like David and Mark Litchfield have stopped bringing the organisation into the loop. There is not much point in having such an organisation if folks like the Litchfield's won't play with you." Tim Mullen, Chief Information Officer

Queen's Award 2007

NGSSoftware are delighted to announce that we are winners of the Queen's Award for Enterprise: International Trade 2007.

Tech Track 100

NGSSoftware ranked in the Sunday Times Tech Track 100 League Table for 2007.

Security Advisories

Critical Vulnerability in SNMPc

High Risk Vulnerability in Real Player (ID3 tags)

Medium Risk Vulnerability in Java Browser Plugin

Stay on top of all the latest software security issues. Subscribe to our advisories RSS feed today.

Latest News

SC AWARDS EUROPE 2008: Winners announced

David LeBlanc’s 15 Most Influential Security People

OWASP AppSec Europe 2008

NGSSoftware wins Best Security Company at SC Awards 2008

Research Insights

Our white papers define the industry.

Black Hat USA 2007

VoIP Security: Methodology and Results (Barrie Dempster); Hacking the Extensible Firmware Interface (John Heasman); Attacking the Windows Kernel (Jonathan Lindsay)

DNS Pinning and Web Proxies

Dafydd Stuttard's latest paper takes a look at how to prevent DNS-based attacks against web proxies.

A Simple and Practical Approach to Input Validation

David Soldera outlines why converting user input to XML could reduce security issues arising from poor input validation.

Oracle Forensics [UPDATED]

David Litchfield's new series of papers on performing a forensic analysis of a compromised Oracle Database Server. [Part1, Part2, Part3, Part4, Part5, Part6]