16 December 2025 - NCC Group, a people-powered, tech-enabled global cyber security and resilience business, has partnered with Qualys, a leading provider of cloud-based IT, security, and compliance solutions.
By embedding Qualys’ advanced asset discovery and risk management capabilities into its managed service, NCC Group delivers a comprehensive Attack Surface Management (ASM) solution that combines cutting-edge technology with expert oversight.
This integration enables NCC Group to:
- Provide real-time asset discovery and visibility, across internal and external environments
- Continuously monitor and identify risks, vulnerabilities, and misconfigurations
- Empower clients to focus on impactful security remediation rather than time-consuming analysis
By uncovering hidden assets including shadow IT, ASM ensures organisations know what they’re protecting. It strengthens foundational security by identifying critical assets, vulnerabilities, and ownership. And when incidents occur, ASM enables rapid response by showing exactly where to focus mitigation efforts for maximum impact.
Many organisations face a growing cyber security skills shortage, making it challenging to maintain visibility and control over complex IT estates. NCC Group’s ASM managed solution, powered by Qualys technology, helps overcome this challenge by delivering three essential outcomes: visibility, prioritisation, and actionable intelligence.
Through automated asset discovery and continuous monitoring, the service removes the subjectivity of self-reporting and transforms raw data into actionable insights. This allows in-house teams to concentrate on remediation rather than identification, reducing time drain and risk exposure. Combining Qualys’ advanced technology with NCC Group’s expert-led guidance, the solution empowers organisations to proactively manage risk and strengthen their security posture.
Graham Francis, SVP, Global Managed Services, NCC Group commented:
“In-house security teams are stretched to breaking point trying to wade through data and prioritise mitigating threats. Many organisations believe they have full visibility of their estate, but the reality is that without advanced technology, blind spots remain.”
“Working with Qualys enables NCC Group to offer a managed service that combines Qualys’ automated asset discovery to eliminate those blind spots and prioritisation of risk with our expert analysis, giving our clients a complete and accurate view of their attack surface and risk appetite. This means internal teams can focus their time and energy on critical remediation, rather than identification.”
“Organisations today already face an uphill battle guarding against a complex attack surface; it’s harder still to protect against internal and unknown threats,” said Christopher Catanzaro, vice president of global channels and alliances at Qualys. “By teaming up with NCC Group, Qualys is making our powerful ASM solutions accessible to more organisations to help reduce their risk. Together, we’re helping security teams move from reactive defence to proactive, intelligence-driven risk reduction.”
Industry data underscores the importance of this approach: organisations often underestimate the number of assets in their environment, with automated discovery frequently revealing significantly more than initially reported. This highlights the critical need for continuous, automated discovery to stay ahead of evolving threats.
Together, NCC Group and Qualys are committed to helping organisations secure every asset — known and unknown — before attackers can exploit them.