DRA ENTERPRISES 
IT CONSULTING, BUSINESS DEVELOPMENT, AND GOVERNMENT RELATIONS 
TECHNOLOGY TO ENABLE SUCCESS, REDUCE RISK, AND SAVE MONEY 

  Featured Events  

   May 5-6, 2008 - Athens, Greece  
  May 7-8, 2008 - London, United Kingdom  
  May 12-14, 2008 - Tokyo, Japan  
  June 1-6, 2008 - GFIRST, Orlando, Florida  
  June 11, 2008 - Toronto, Canada  
  July 27-29, 2008 - Durban, South Africa  

HOME

CALENDAR

DRA ENTERPRISES

SECURE ANCHOR

ECHELON ONE

TECHNOLOGIES

INTERNET LAW GRP

INTL CYBER CENTER


NEWS

DIRECTORY

CYBERCRIME.TV


3VR

BIGFIX

DIGITAL BRIDGE

KOOLSPAN

LANCOPE

NETWITNESS

SOTERIA


BOOKSTORE

APPLE STORE

CIRCUIT CITY

PC CONNECTION

RADIO SHACK

TIGERDIRECT
Secure Anchor Consulting

Secure Anchor Consulting is a worldwide leader in Information Security Services for public and private enterprise. Whatever your needs, from threat assessment to proactive systems integration, Secure Anchor has the vast experience and expertise to keep your personal and corporate property where it belongs: in your hands and under your control.

Secure Anchor's mission is to keep your business focused by helping you navigate the sea of security threats that organizations face on a daily basis. Secure Anchor provides creative solutions that keep you ahead of the attacks and provide peace of mind that your critical assets are securely anchored.

For more information on how Secure Anchor Consulting can help you, send an email to SecureAnchor@AndyPurdy.com.

Key Service Offerings

Everything we do is focused on giving you a competitive advantage. Our distinctive solutions are customized to meet your specific security requirements and needs. Our services include:
  • Independent Assessment - If you lack the resources to address security issues, consider an independent assessment. It will pinpoint high-risk areas and provide creative recommendations to secure your environment.

  • Penetration Test - This is an advanced simulation of attackers trying to find ways into your organization. While most of our competitors only focus on success or failure, we team with you to provide high-end testing that identifies a full list of vulnerabilities.

  • Threat Analysis - In order to defend your network you need to appreciate how hackers work and operate. Secure Anchor specializes in understanding the techniques, tools and mindset of attackers. This allows us to provide real-world solutions that help you focus on critical areas.

  • Intellectual Property Analysis - To protect your intellectual property, you need to identify what it is. Secure Anchor has worked with many organizations and venture capital firms to identify critical intellectual property and areas that could be patented.

  • Network Design and Security - Secure Anchor specializes in the total network integration process. We assist organizations like yours in building networks from the ground up, filled with robust security and functionally.

  • Product Analysis - Some organizations are already aware of their key threats and vulnerabilities and simply need assistance in deciding what solutions to implement. By performing a thorough requirements analysis, we can make solid recommendations that match your security profile.

  • Writing and Presenting - Secure Anchor consultants are experts in their respective fields and are constantly writing and presenting on key topics. As master presenters, we can help you promote your products and provide better visibility into new markets.

  • Technical Market Analysis - Secure Anchor provides consulting services to help better position products and make additional sales. We offer keen insight as to what new clients in emerging markets may need, with sensitivity towards the investment they are willing to make.

  • Compliance Analysis - With new regulations constantly being passed it's critically important that companies stay aware and compliant. Secure Anchor has unique solutions for helping organizations achieve compliance with mandates such as PCI, SOX, GLBA and HIPAA.

  • General Consulting - Occasionally, customers are not certain what their needs are or where to begin. Our consultants are highly skilled and work with you to help identify high-risk items and the best course of action.

Books and Security Projects

Secure Anchor Consulting's team members are actively involved in developing, creating, authoring, and editing a long list of international industry best-selling publications and open source tools.

    Books

    • Cyber Spying
    • Hackers Beware
    • Hiding in Plain Sight
    • Insider Threat
    • Network Security Bible

    Affiliations

    • The SANS Institute
    • HTCIA
    • Internet Storm Center
    • IEEE
    • CVE
    • ACM
    • OVAL
    • George Washington University
    • Center for Internet Security
    • US Naval Institute


Commonly Asked Questions

In this section, Secure Anchor Consulting has included specific answers to commonly asked questions posed by clients.
  1. How will the confidentiality of the project and its results be protected?

    Client confidentiality and protection of client-provided information is a matter of great importance to Secure Anchor Consulting. Clients providing their most sensitive corporate information expect that information to be strictly controlled.

    We apply the following redundant, reinforcing practices to protect client identity and information:

    • Internal to Secure Anchor Consulting, your company will be assigned a code name that will be used on internal correspondence, financial records, and other correspondence.

    • Contract correspondence and other administrative written communications will be maintained only with the Secure Anchor Consulting contracts representative. Even among Secure Anchor Consulting team members, only the code name is used in written or oral communications.

    • Your company's documents will be stored in locked, alarmed facilities.

    • All members of the Secure Anchor Consulting team have signed non-disclosure agreements that bind them to protect client identity and information.

  2. Will you retain a copy of the final report and if yes, for what purpose?

    During our typical engagements, we keep one copy of our final deliverable at secured Secure Anchor Consulting facilities. All other information gathered during the engagement is returned to the client or securely destroyed. The purpose for our retention of one copy of the final deliverable is for future reference by the client only.

    On several occasions, sometimes after a year or more, clients have lost our results. Secure Anchor Consulting's back-up copy has proven quite useful to these clients in retracing their security programs and ensuring that proper corrective actions have been taken. While this keeping of one copy of the final deliverable is our common practice, Secure Anchor Consulting can, at your company's request, destroy all copies of the final report in our possession, if that best suits your needs.

  3. What is the hiring policy of your company particularly with regards to 'ex-hackers?'

    It is the policy of Secure Anchor Consulting to be responsible for ensuring that all personnel hiring policies, procedures, and activities are in full compliance with all applicable Federal, State, and local EEOC and ADA statutes, rules, and regulations. Assessment and hiring for all job classifications are based upon:

    1. Job-related criteria of qualifications
    2. An objective review of the candidate's qualifications
    3. Confirmation of basic pre-employment data (e.g., reference checks, employment verification, education validation)

    In order to maintain the highest level of security for the company as well as for the company's clients, Secure Anchor Consulting does not knowingly or willingly hire those individuals who have a prior criminal conviction. Secure Anchor Consulting adheres to all legal standards regarding interview questions related to potential arrest or conviction records. Secure Anchor Consulting does not knowingly or willingly hire those individuals who have a prior criminal history of hacking or cracking.

  4. What is your company's policy concerning outsourcing the work?

    In order to control the quality, consistency of performance, and confidentiality of client information, Secure Anchor Consulting does not typically outsource any of our services.

  5. Is your company vendor-neutral or are you affiliated with vendors whose products you are in the business of selling?

    Secure Anchor Consulting believes that to be an "honest broker" of security technologies and to provide solutions that are well suited for our client's environment, we should not market any particular security software or hardware products. Therefore, Secure Anchor Consulting does not directly or indirectly market any specific vendor's security products. We have access to a wide range of products that allows us to recommend appropriate, cost effective solutions based on a client's technical environment and business objectives.

  6. What is the primary business performed by your organization?

    Secure Anchor Consulting's business is providing information security services to commercial and government clients. Our focus is on offering a comprehensive set of security services in a product-neutral fashion. Our core services are Security Risk Assessments and ethical hacking tests. Additionally, Secure Anchor Consulting provides services in security architecture design, independent product evaluations, business continuity planning, incident response handling, and management of intrusion detection systems and firewalls.

  7. What is your experience level in conducting security risk assessments and what is the experience level of the particular consultants to be assigned to this project?

    Secure Anchor Consulting has performed numerous security support activities for a variety of businesses. The team to be assigned to your company will consist of an overall technical lead, with detailed knowledge of your industry and its associated security issues.

  8. What can we gain from utilizing a consulting company that we cannot get from performing an assessment on our own using licensed tools?

    By using a consulting company focused on information security, your company gains several advantages, including:

    • A more detailed knowledge of vulnerabilities and risks based on current threats: Secure Anchor Consulting supports numerous institutions and other businesses in securing their infrastructures against attack. With this background, we have a detailed knowledge of the types of attacks currently occurring and their impact on organizations.

    • Knowledge beyond the tools: Our expert risk assessment personnel do use commercial tools in our assessments. However, their skill set goes beyond the tools. The assessment tools provide an initial set of vulnerabilities that our experts use to reverse engineer the network and systems to go deeper than the surface of vulnerabilities. This deeper view allows us to understand the risks in more detail and form a more thorough picture of security for your company.

    • Real-world, time-tested recommendations for improving security: Again, with our experience in supporting numerous companies in addressing security risks, Secure Anchor Consulting recommends tried-and-true solutions for mitigating or eliminating risks and vulnerabilities.

    • An independent, neutral view of information security: Secure Anchor Consulting brings a neutral, industry-expert perspective of information security to your company. Often, this independent view of the information security risks of an organization can minimize the resistance or political opposition within an organization to help foster a more secure environment.

    Secure Anchor Consulting offers a wide variety of consulting and engineering services in all of the security disciplines related to protecting the confidentiality, integrity, and availability of information assets and systems. Secure Anchor Consulting also dedicates a large amount of time to security product evaluations, including hands-on analysis of software tools. We therefore are current on virtually all tools that are available for use in this type of an engagement.

    By selecting a consulting firm like Secure Anchor Consulting, your company can employ persons who are the leaders in the security field while not having to invest in the ongoing cost of hiring, training and maintaining such a staff.

  9. Will any aspect of the security risk assessment interfere with network operations? Do you perform any type of analysis that could disable the network?

    Secure Anchor Consulting will work closely with your company representatives during the assessment to ensure that there will be no impact to business processes, system integrity, or current controls. No internal network scanning will be performed unless in the presence of your company's representative, or unless the appropriate your company point of contact has been informed of the testing.

    Secure Anchor Consulting's team is highly aware of the operational risks associated with the test scans and takes precautions not to disrupt service. Secure Anchor Consulting will mitigate the risk of service disruption by monitoring the response times of remote systems and will discontinue testing if performance problems are discovered.

    The risk is also addressed by establishing a communications channel between the Secure Anchor Consulting Technical Lead and the your company primary point of contact. If your company personnel decide to discontinue a test in progress, members of the Secure Anchor Consulting team have cellular telephones and pagers and can be contacted instantly.

    Furthermore, the test activities are not designed to modify or destroy information systems. The objective of these tests is to collect data, obtain system configuration information, and attempt unauthorized access to the application and infrastructure.
© 2008 by AndyPurdy.com and DRA Enterprises, Inc. All rights reserved. | TERMS OF USE | PRIVACY | CONTACT