Reliable testing and assessments every day
Provide superior cybersecurity assessment(s) and penetration tests.
With over 30 years in the Information Technology (IT) industry and 20 years in security and compliance across multiple verticals and compliance frameworks (e.g., DoD RMF, DIACAP, DITSCAP, NIST 800-53, NIST 800-171, CMMC, HIPAA and more), MERLAN Consulting, LLC is ready to support your efforts at providing provable security to those that matter to you. MERLAN Consulting's staff have supported organizations as small as 5 people to as large as 30,000. They have supported traditional on-premises organizations, cloud-only organizations, and hybrid organizations. They have earned commercial, US Department of Defense (DoD), and academic credentials that include PhDs and Master's degrees in Computer Science, Certified Information System Security Professional (CISSP), the Global Information Assurance Certification (GIAC®) Penetration Tester (GPEN), EC-Council Certified Ethical Hacker (CEH), Certified Cybersecurity Maturity Model Certification (CMMC) Assessor (CCA), Certified CMMC Professional (CCP), CompTIA Security+, DoD Authorizing Official (AO), and more. They have filled positions ranging from instructor to Associate Professor, from system administrator to Information Assurance Program Manager (IAPM) to Chief Information Security Officer (CISO), and from security and compliance consultant and advisor to security control assessor.
"Compliance is provable security to those who matter."
- Dr. Michael Lanham
FOUNDER & CEO
An IT and Security and Compliance industry veteran. Experienced and successful at communicating with audiences from technologists to C-Suites as well as putting 'fingers on keyboard' to do the work. Earned his Ph.D. from Carnegie Mellon University in a field of Computer Science. 27+ years of service to the US Army, including US Cyber Command (CYBERCOM), Army Cyber Command (ARCYBER), Army Forces Cyber Command (ARFORCYBER), US Strategic Command (USSTRATCOM), Joint Functional Component Command (JFCC)-Network Warfare (JFCC-NW), JFCC-Integrated Missile Defense (JFCC-IMD), 15+ years as a faculty member in the Electrical Engineering and Computer Science (EECS) department at the United States Military Academy (USMA), and 5 years as the Chief Information Security Officer.
Pentesting for a customer negates MERLAN Consulting's ability to conduct formal assessments (e.g., CMMC) for the same customer.
We offer black box, white box, and gray box penetration testing
We offer remote-only, premises-adjacent, and on-site/on-premises testing
We help design strategies to overcome pentest-identified vulnerabilities
We provide support services (e.g., contracted CCA) to CMMC Third Party Assessment Organizations (C3PAO)
We provide support services (e.g., contracted assessor) to other Third Party Assessment Organizations (3PAO)
We provide cybersecurity assessment services prior to formal third party assessments (aka Pre-Assessments) across multiple security frameworks (e.g., NIST CSF, RMF, CMMC, CJIS, FedRAMP, HIPAA, and more).
We provide cybersecurity assessment services that do not require a formal authorization from a third party. For example, MERLAN Consulting is not a C3PAO, FedRAMP 3PAO, or PCI-DSS Assessor!
Consulting for a customer negates MERLAN Consulting's ability to conduct formal assessments for the same customer.
We provide cybersecurity consulting services across multiple security frameworks (e.g., NIST CSF, RMF, CMMC, CJIS, HIPAA, and more).
We provide compliance consulting services across multiple compliance frameworks (e.g., NIST CSF, RMF, CMMC, CJIS, HIPAA, and more).