• (978) 688 1739
  • info@BLKing.net

Don’t worry about your level of compliance, we’ll do the analysis and give you peace of mind. We sweat the details so you don’t have to.

No need to be overwhelmed with CMMC, we’ve got the experts to analyze, plan, and provide compliance solutions to get you to level 3 and beyond.

Security Analysis

As a cost-conscious Managed Security Service Provider with many years of Cybersecurity experience we provide a superior and detailed gap analysis for your DFARS 7012, CMMC, or NIST SP 800-171 compliance. Our analysis yields easy to read documentation meant for the Executive and IT Professionals.

  • Executive Analysis Report: Included in the executive documentation is a listing of major changes, policy/procedure updates, and software/hardware/services costs required to bring your IT infrastructure into compliance.
  • Control Compliance Matrix: A matrix detailing each control and your specific implementation of that control. This includes a detailed statement to either compliance or non-compliance.
  • Plan of Actions and Milestones: This major deliverable for DFARS-7012 makes sure that you are ready to self-attest to your compliance to DFARS 7012. Once the analysis is complete you will be able to submit the Plan of Actions and Milestones (POA&M) to your Contracting Officer which meets the requirement for DFARS 7012. You will still have to follow through the milestones set forth in your POA&M on the timeline you specify.

Managed Security Service Provider

When you’re ready to become compliant we provide the MSSP tech stack and services to bring your infrastructure into compliance with the DFARS 7012 and CMMC. We provide:

  • Risk Management: A continuous monitoring service that provides on-going analysis of your implementation of each NIST 80-171 / CMMC control as well as risk not associated with the control catalogue
  • Vulnerability Scanning: A continuous scanning and remediation of security relevant configuration settings and software vulnerabilities.
  • Incident Response: We will be the entry point for your Incident Response Plan, just report any suspicious incidents to us as soon as they are recognized and we will triage then investigate each incident to determine if you’ve been hacked and then remediate the incident to ensure it doesn’t persist.
  • Configuration Management: We will establish baselines for all of your infrastructure and provide security analysis for each proposed change to those baselines. If needed we can be the facilitator of the Configuration Management process to ease the burden on your staff. You will always have the final say as to which changes are implemented on your network.
  • Patch Management: A critical component of all Information Security Programs is patching security vulnerabilities for your Operating Systems and 3rd party applications. We’ll provide testing and deployment services for your infrastructure.
  • System Configuration: Last but not least we will configure each device in your infrastructure to comply with all of the auditing and configuration security requirements from NIST 800-171