National Cyber Security Auditing and Evaluation Lab (NCSAEL) will emphasize on following three main core areas for accomplishment of its goals:
NCSAEL will design and develop Security Assessment tools (for applications and OS) that will help perform security evaluation of existing foreign and local software, mobile applications (both Android and iOS), web applications and embedded applications (firmware) in accordance with the internationally recognized IT evaluation standards namely Common Criteria, NIST/FIPs etc. The lab will also develop Security Compliance Assessment toolkit for Windows and Linux OS in order to guarantee right and secure configurations in accordance with the CC protection Profiles (PP).
NCSAEL will focus on development of indigenous malware sandbox that would help in early detection of zero-day vulnerabilities/ APTs thereby thwarting the risk of ever-escalating cyber-attacks. To preserve the security and anonymity of data over the insecure Internet, a secure VPN will also be developed which will provide a dedicated and secure connection for all stakeholders.
Since Pakistan is only a certificate-consuming member of CCRA, NCSAEL will help organizations prepare for the security evaluation of their local products by the CCTL. Also, it will formulate a National Technology Framework, to standardize the security practices in the country.
Our core members and researchers are academics, developers, administrators and MS/PhD students. Our industrial partners are public and private cyber security organizations that advise us on the design, implementation and commercialization of the R&D work originating from our Lab.
Dr. Ashraf Masood
IT Security Assessment
Dr. Muhammad Faisal Amjad
Advanced Threat Protection
Dr. Imran Rashid
Preparedness for CCTL assessment