Skip to content
Anchor

Security Model

Anchor’s security model ties privileged access governance to users, scopes, resources, accounts, policies, sessions, logs, posture signals, and ledger-backed integrity.

Core controls

Section titled “Core controls”
  • Zero Trust access patterns.
  • Least privilege and reduced standing privilege.
  • Policy-driven access decisions.
  • Security as Code for repeatable governance.
  • Anchor Connect session governance.
  • Audit-ready operational evidence.
  • Policy drift, stale account detection, and posture review.
  • Ledger-backed integrity for security-relevant events.

Operating boundary

Section titled “Operating boundary”

Anchor separates the web UI, API/core engine, database, policy engine, audit pipeline, and Anchor Connect nodes so security teams can reason about control boundaries and scale the parts that matter.

Review value

Section titled “Review value”

The model gives administrators, operators, and reviewers a shared vocabulary: who acted, which resource or account was involved, which policy applied, what session or job occurred, and what evidence was written.