Industry Resources
CISA – Cybersecurity and Infrastructure Security Agency (https://www.cisa.gov)
CISA is America’s Cyber Defense Agency, operating as the nation’s risk advisor, working with partners to defend against current threats and collaborating to build more secure and resilient infrastructure for the future. CISA offers an extensive array of free services including cybersecurity assessments, training programs, threat intelligence, incident response support, and the Shields Up initiative for emerging threats.
NIST Cybersecurity Framework (https://www.nist.gov/cyberframework)
The NIST Cybersecurity Framework (CSF) 2.0 is a globally recognized, voluntary set of standards and best practices developed by the National Institute of Standards and Technology to help organizations manage and reduce cybersecurity risks. The framework is organized around six core functions: Govern, Identify, Protect, Detect, Respond, and Recover.
OWASP – Open Worldwide Application Security Project (https://owasp.org)
OWASP is a nonprofit foundation dedicated to improving software security through community-driven open-source projects. Founded in 2001, OWASP provides free, vendor-neutral resources for web application and software security. The organization is best known for the OWASP Top 10, a regularly updated list of the most critical web application security risks.
MITRE ATT&CK Framework (https://attack.mitre.org)
MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a globally accessible knowledge base that documents real-world adversary tactics and techniques based on actual cybersecurity incidents. Developed and maintained by the MITRE Corporation, a nonprofit organization, this framework helps organizations understand how cyber adversaries operate across various stages of an attack.
SANS Institute (https://www.sans.org)
SANS Institute is the most trusted and largest provider of cybersecurity training and certifications in the world, training over 40,000 professionals annually. SANS offers more than 60 comprehensive courses across all cybersecurity practice areas, from foundational to advanced levels.
CERT Coordination Center (CERT/CC) (https://www.sei.cmu.edu/divisions/cert)
The CERT Coordination Center at Carnegie Mellon University’s Software Engineering Institute is the world’s first computer emergency response team, established in 1988 following the Morris Worm incident. CERT/CC serves as a trusted authority in cybersecurity, working to improve the security and resilience of computer systems and networks through coordinated vulnerability disclosure, incident response guidance, and cybersecurity research.
(ISC)² – International Information System Security Certification Consortium (https://www.isc2.org)
(ISC)² is the world’s leading nonprofit member association for cybersecurity professionals, with hundreds of thousands of certified members globally. The organization is best known for the CISSP (Certified Information Systems Security Professional), considered the gold standard certification for experienced security professionals.
CIS – Center for Internet Security (https://www.cisecurity.org)
The Center for Internet Security is a nonprofit organization that harnesses the collective power of the global IT community to safeguard public and private organizations against cyber threats. CIS is renowned for developing the CIS Controls (formerly Critical Security Controls), a prioritized set of 18 safeguards for cyber defense that provides organizations with specific, actionable ways to stop today’s most pervasive attacks.
National Vulnerability Database (NVD) (https://nvd.nist.gov)
The National Vulnerability Database is the U.S. government’s comprehensive repository of standards-based vulnerability management data, maintained by the National Institute of Standards and Technology (NIST). The NVD contains over 270,000 vulnerability entries, each cataloged using the Common Vulnerabilities and Exposures (CVE) system.
ISC – Internet Storm Center (SANS) (https://isc.sans.edu)
The Internet Storm Center is a free service operated by SANS Institute that provides real-time analysis of global internet threats and trends. Founded in 2001, the ISC uses a worldwide network of sensors to collect and analyze firewall logs, intrusion detection data, and other security information from thousands of contributors globally. The center maintains the DShield project, which aggregates millions of log entries daily to identify emerging threats, coordinated attacks, and vulnerable systems.
Helpful Tools
Nmap (Network Mapper) (https://nmap.org)
The industry-standard tool for network discovery and security auditing. Nmap can discover hosts, open ports, services, operating systems, and vulnerabilities across networks. Features include host discovery, port scanning, version detection, OS detection, and scriptable interaction through NSE (Nmap Scripting Engine).
Wireshark (https://www.wireshark.org)
The world’s most widely used network protocol analyzer. Wireshark performs deep packet inspection, capturing and analyzing network traffic in real time or from saved capture files. It supports hundreds of protocols and provides powerful filtering capabilities essential for network troubleshooting and security analysis.
Metasploit Framework (https://www.metasploit.com)
The world’s most used penetration testing framework, developed by Rapid7. Metasploit provides a comprehensive platform for developing and executing exploit code against remote targets. It includes thousands of exploits, payloads, auxiliary modules, and post-exploitation tools. Available in both free (Framework) and commercial (Pro) versions.
OWASP ZAP (Zed Attack Proxy) (https://www.zaproxy.org)
One of the world’s most popular free web application security scanners. ZAP helps find security vulnerabilities in web applications through both automated scanning and manual testing.
Aircrack-ng (https://www.aircrack-ng.org)
A complete suite of tools to assess WiFi network security, including packet capture, WEP and WPA/WPA2-PSK cracking, and analysis tools.
YARA (https://virustotal.github.io/yara/)
A tool aimed at helping malware researchers identify and classify malware samples by creating descriptions (rules) for malware families.