At Charis Technologies LLC, we offer a comprehensive array of Cybersecurity services that address diverse areas crucial to securing digital environments. Our expertise spans across key domains such as Assessment and Authorization (A&A), cybersecurity policy and operational procedure development, as well as cybersecurity engineering and architecture design. In addition, we conduct information assurance (IA) analyses, develop strategies, and recommend, implement, monitor, update, and maintain IA practices, procedures, equipment, processes, and solutions.
To ensure compliance with rigorous IA requirements, we align our approach with approved Risk Management Frameworks (RMF) and adhere to ISO 27001:2022 principles. Our dedicated team assists clients in implementing controls to prevent, limit, or detect access to computer resources, managing network device configurations to deter unauthorized access, and ensuring the overall integrity of systems.
Leveraging industry best practices and drawing upon the guidance of reputable institutions like the National Institute of Standards (NIST), we employ cutting-edge technologies to protect our clients’ mission-critical information. This proactive approach significantly enhances controls and reinforces the credibility of their cybersecurity environments.
- Penetration Testing, Incident Response, & Cyber Hunt
Our team conducts a range of critical activities to enhance cybersecurity, including network security testing and evaluation, computer security incident response, vulnerability analysis, security risk assessment, and auditing services for premise and cloud-based systems. These services reinforce an organization’s resilience to cyber threats and enable proactive security strategies.
- Risk Management Framework (RMF) and Information Security Continuous Monitoring (ISCM)
The RMF serves as a disciplined and structured process, seamlessly integrating Information System security and risk management activities throughout the system development life cycle. At Charrisllc, we possess substantial experience with Enterprise Mission Assurance Support Service (eMASS) and analogous tools, allowing us to adeptly manage all information systems during the RMF process. Moreover, we diligently conduct information security continuous monitoring (ISCM) across an organization’s production, development, and test environments, ensuring a proactive approach to security maintenance and risk mitigation.
- High Value Asset Risk & Vulnerability Assessment
We meticulously evaluate RMF security controls for systems and create essential documentation. We ensure that information system owners are promptly informed of necessary changes to secure a favorable authorization recommendation. Our process involves diligent quality control checks, encompassing both automated and manual application of pertinent System Technical Implementation Guides (STIGs). This includes the application of all relevant security updates to the software across associated resource groups and applications within the environment. Instances where STIG settings or software patches may render a system inoperable are documented on a Plan of Action & Milestones, with clear explanations provided to the Information System Owner.
- Vulnerability Scanning/End Point Security
Charrisllc excels in employing the Assurance Compliance Assessment Solution (ACAS), a robust enterprise vulnerability scanning tool widely employed for networks and components under the aegis of the Department of Defense (DoD). ACAS efficiently identifies known system vulnerabilities, thus contributing to the crucial task of ensuring DoD systems remain compliant with the industry–recommended security standards. In addition, our expertise extends to offering comprehensive End Point Security solutions, by employing tools like Carbon Black and Trellix Endpoint Security (ENS) to further enhance system protection and keep our clients’ organizations safer and more resilient throughout the entire lifecycle of a cyber-attack.