enterprise services to prevent, prepare, and protect against cyber risk.
Anchor provides a full spectrum of cybersecurity services assisting our clients with all aspects of cybersecurity risk planning, identification, management, and monitoring.
Services by Engagement Type
Anchor provides varying engagements depending on your organization’s budget, risk profile and requirements. Many options can be assembled into larger or smaller customized offerings. Our solutions consultants can help you choose which engagements best fit your needs.
Risk planning services provide your organization with an appropriate and tuned approach to securing its brand and assets. Without a plan for security, elements in your program may be incomplete or may be misaligned with your risk profile. Anchor’s solutions include atStrategy, atCISO and atPlan.
- atStrategy | Formally defines strategic objectives and prioritizes them according to the mission and budget of the organization.
- atCISO | The virtual Chief Information Security Officer provides a resource to help guide and execute the strategic plan.
- atPlan | These provide key plans supporting compliance and best practice requirements, including the Information Security Policy, IR Plan, BC/DR.
Assessment services provide your organization with a map to cyber risk present in the environment. These offereings allow you to identify the risk in advance so that you can remediate that risk before an attacker exploits the weakness.
- atVuln | An investigative process to identify and review any technical vulnerabilities that are found on the network. Focusing on both an external (Internet) and internal perspectives, ATI reviews all IP addresses on the network.
- atAssess | atAssess is designed to provide a snapshot of your organization’s current implementation of security controls and policies. It provide a perspective on current operatonal maturity as it relates to your cybersecurity program.
- atArch |An Architecture Review evaluates an organization’s networks and relationship among them from a security perspective. It also reviews the various security zones and the data flows among them. The goal of this review is to identify weaknesses being created or exacerbated by network architecture elements.
- atTech | The Technical Controls Review focuses on all of your technical security controls and systems including firewalls, intrusion detection/prevention systems, anti-malware, mobile device management systems and endpoint protection solutions. Each control is individually reviewed and scored providing detailed findings and recommendations.
Risk testing services provide your organization with an real world evaluation of the performance of configuration, staff and technical cyber security controls. These are ethical hacking exercises designed to replicate real-world hacking techniques and methodologies. Typically, you want to test your environment after you have remediated known weakness discovered previously in an assessment.
- atAttack | Penetration testing is offered in various forms focusing on specific areas, such as the network, wireless, an application or the people. All testing follows the accepted PTES or OWASP standards for thorough and safe testing.
- atRedTeam | The Red Teaming exercise is a Penetration with fewer boundaries relating to safety and scope. These are generally specifically designed for the envionment and desired outcomes. These exercises are often run without advance staff knowledge or participation and test controls as well as staff reaction and response capability.
Compliance services provide your organization with an understanding or current state complaince with a standard or regulation. Currently, Anchor offers Risk and Complaince assessments for the following standards:
– Center for Internet Security’s 20 Critical Security Standards (CIS CSC)
– NIST Cyber Security Framework (NIST CSF)
– NIST FISMA suite of requirements including the SSP and PoAM
– ISO/IEC 27001
– PCI DSS Sections 11.2 & 11.3
– HIPAA / HITECH
– NIST 800-53
– NIST 800-171
– CMMC v.07+
– AICPA SSAE16 SOC2 Type II
- atComply | The compliance assessment reviews all controls defined in the target standard or regulation and score each control and sub control against 8 different characteristics providing a very detailed current state analysis and a detailed remediation plan to achieve full compliance.
- atPlan | These provide key plans supporting compliance and best practice requirements, including the Information Security Policy, IR Plan, BC/DR. Theses offereings can also include plans specific to the requirements in a standard or regulation such as a Systems Security Plan or a Statement of Applicability for example.
Outsourced technical expertise to augment your IT staff.
From installation to configuration to patch management. As needed, on demand.
Anchor has deep experience with most industries and leverages this experience to provide a tailored and custom fit with engagements that meet your specific needs.
Design and Procurement Services
We offer best of breed solutions and security controls from most of the leading manufacturers in the cybersecurity space as well as additional vendors, such as VMware, Microsoft and Cisco. Our design engineers maintain top level manufacturer certifications and design small and large product solutions. We support many procurement vehicles including leasing options, credit card, government, check or wire transfer.
Integration Engineering and Support
Once you have procured your new security controls it is important to implement the products as completely and correctly as possible. Our engineers implement these products every day and have experience in many different size environments as well as special circumstances, such as “zero” down time environments and highly controlled environments.
Security Control Check-up
Ensuring that your technical security controls and products are properly implemented and secured is a foundational step to securing your environment. We offer an engagement to review the current control(s) and their implementation completeness, control selection appropriateness as well as six additional dimensions of review. This engagement ensures that your cybersecurity products are really providing the security you think they are.
Cybersecurity is ever evolving; keep pace with education and training.
Our in person instructor led classes are taught in our Authorized Training Center. Comprehensive education and training to expand your security knowledge.
Check Point Technical Certification Training
Check Point security training aligns with the Check Point Core training as well as additional speciality classess (Product Training) focused on advanced skills. The Check Point certified administrator and engineering classes run monthly and the addtional classes run as demand supports them. Please let us know if you are interested in classess beyond the CCSA or CCSE. firstname.lastname@example.org
CompTIA Certification Training
CompTIA offers many certifications and our program focuses on the cybersecurity cirruclum. Specifically the Network+ and the Security+. Both of these serve as great foundational courses for security practioners. These courses are taught by experienced security consultants and network engineers with each over 15 years of real world field experience.
Check Point Cybersecurity Administrator (CCSA)
The CCSA course is essential for security administrators who want to configure security policies, secure communications across the Internet, defend against network threats, and manage a secure network. This course covers concepts and skills necessary to implement, configure and maintain Check Point Software Blades including Firewall, IPSEC VPN, IPS, IPSO, network policy management, logging, status and monitoring, URL filtering, anti-virus, anti-malware, anti-spam & email security.
Check Point Cybersecurity Expert
The advanced course teaches how to build, modify, deploy and troubleshoot Check Point Security Systems on the GAiA operating system. Hands-on lab exercises teach how to debug firewall processes, optimize VPN performance and upgrade Management Servers.
CompTIA Network+ helps develop a career in IT infrastructure covering troubleshooting, configuring, and managing networks.
The Network+ emphasizes skills to design and implement a functional network as well as configure, manage, and maintain essential network devices. It covers how to use devices such as switches and routers to segment network traffic and create resilient networks. Network + focuses on implementing network security, standards, and protocols as well as troubleshooting network problems and supporting the creation of virtualized networks.
CompTIA Security+ is a global certification that validates the baseline skills you need to perform core security functions and pursue an IT security career.
The Security+ emphasizes hands-on practical skills and supports DoD 8570 compliance. Security+ focuses on the latest trends and techniques in risk management, risk mitigation, threat management and intrusion detection. It covers the Junior IT Auditor/Penetration Tester job role, in addition to the job roles for Systems Administrator, Network Administrator, and Security Administrator.
Why Train with Anchor?
We are engineers like you and know what it takes to pull away from the office to focus on taking a class. Why not enjoy the experience? Why not train with engineers that use and implement the technology they teach? We are 20 minutes from BWI airport and half way between Washington, DC and Baltimore located in beautiful Columbia, MD.
We provide a great breakfast, lunch, snacks, sodas, coffee and water. Lunches are from popular well-known restaurants, such as as Jimmy John’s, Chik-fil-a, Chipotle, Little Caesar’s, Dunkin’ Donuts and Panera. No hotel food.
Our instructors have over 15 years experience with the technology they teach. They are real engineers that have implemented the solutions in 100’s of organizations.
Anchor training facilities are purpose built for advanced technical training. The equipment is new and powerful. No waiting for screens to load, or dealing with hotel room setups thrown together.
Start Your Path to Protection Today
True cybersecurity is a journey. Threats and vulnerabilities are ever evolving. Define your strategy, identify your risk, and manage that risk today — before its too late.