OWASP (Open Web Application Security Project) - OWASP is a nonprofit organization that we frequently turn to for the latest insights into web application security. Their OWASP Top 10 is a fundamental resource that influences our approach to testing and securing web applications.

NIST (National Institute of Standards and Technology) - At Red Garrison, we align our testing methodologies with industry standards. NIST’s cybersecurity frameworks, particularly NIST SP 800-115, provide a solid foundation for our penetration testing strategies.

Huntress - Huntress is a trusted partner in managed detection and response (MDR). Their proactive threat hunting and remediation services help us offer clients a deeper layer of security beyond traditional testing.

Rapid7 - Rapid7 provides us with powerful tools like InsightVM and Metasploit, which enhance our vulnerability assessments and exploit testing during engagements.

Tenable - Nessus by Tenable is one of our go-to vulnerability scanners. Its thoroughness and reliability allow us to identify and prioritize vulnerabilities effectively.

PortSwigger - As the creators of Burp Suite, PortSwigger helps us perform in-depth web application security assessments. Burp Suite is a trusted tool in our red team toolbox for identifying and mitigating risks.

Cobalt - We admire Cobalt’s Penetration Testing as a Service (PTaaS) model, which aligns with our own mission to provide flexible, tailored testing solutions for our clients.

TCM Security - TCM Security is not only a resource for certifications like OSINT and PNPT but also a thought leader in the ethical hacking community. We value their high-quality training materials and insights.

SANS Institute - SANS offers some of the most respected cybersecurity training and certifications available. We encourage our team to stay sharp by participating in SANS courses and leveraging their resources.

Offensive Security - As the organization behind the OSCP certification and the popular Kali Linux distribution, Offensive Security’s resources are a staple in our penetration testing practices.

TryHackMe - TryHackMe offers hands-on labs that help our team stay current with the latest attack techniques and defensive strategies, ensuring we bring the best insights to our clients.

Hack The Box - Hack The Box is a platform that allows our team to test their skills against real-world scenarios. It helps us maintain the high level of expertise that our clients expect.

The Cyber Mentor - Founded by Heath Adams, The Cyber Mentor is a fantastic resource for both budding and experienced penetration testers. We often recommend their courses to those looking to deepen their knowledge in ethical hacking.

Cisco Talos - Talos provides up-to-date threat intelligence that we use to inform our testing strategies and stay ahead of emerging cybersecurity threats.

Exploit Database - Managed by Offensive Security, the Exploit Database is an essential resource for researching vulnerabilities and developing effective testing strategies.

Mitre ATT&CK - We utilize the MITRE ATT&CK framework to map attack techniques and tactics, ensuring our testing methodologies align with real-world threat scenarios.

Cybersecurity & Infrastructure Security Agency (CISA) - CISA offers invaluable insights and alerts about vulnerabilities and cyber threats. We often consult their advisories when crafting our testing approaches.