National Cyber Security Auditing and Evaluation Lab (NCSAEL) will emphasize on following three main core areas for accomplishment of its goals:
NCSAEL will design and develop Security Assessment tools (for applications and OS) that will help perform security evaluation of existing foreign and local software, mobile applications (both Android and iOS), web applications and embedded applications (firmware) in accordance with the internationally recognized IT evaluation standards namely Common Criteria, NIST/FIPs etc. The lab will also develop Security Compliance Assessment toolkit for Windows and Linux OS in order to guarantee right and secure configurations in accordance with the CC protection Profiles (PP).
NCSAEL will focus on development of indigenous malware sandbox that would help in early detection of zero-day vulnerabilities/ APTs thereby thwarting the risk of ever-escalating cyber-attacks. To preserve the security and anonymity of data over the insecure Internet, a secure VPN will also be developed which will provide a dedicated and secure connection for all stakeholders.
Since Pakistan is only a certificate-consuming member of CCRA, NCSAEL will help organizations prepare for the security evaluation of their local products by the CCTL. Also, it will formulate a National Technology Framework, to standardize the security practices in the country.
Our core members and reserchers are academics, developers, administrators and MS/PhD students. Our industrial partners are public and private cyber security organizations that advise us on the design, implementation and commercialization of the R&D work originating from our Lab.
IT Security Assessment
Advanced Threat Protection
Preparedness for CCTL assessment