MITRE ATT&CK^® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.

Check it out here.

CIS Benchmarks are best practices for the secure configuration of a target system. Available for more than 100 CIS Benchmarks across 25+ vendor product families, CIS Benchmarks are developed through a unique consensus-based process comprised of cybersecurity professionals and subject matter experts around the world. CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.

Check it out here.

The CIS Critical Security Controls are a recommended set of actions for cyber defense that provide specific and actionable ways to thwart the most pervasive attacks. The CIS Controls are a relatively short list of high-priority, highly effective defensive actions that provide a “must-do, do-first” starting point for every enterprise seeking to improve their cyber defense.

Check it out here.

The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development. The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to normalize the range in the coverage and level of rigor available in the market when it comes to performing Web application security verification using a commercially-workable open standard.

Check it out here.

MDR services are designed to protect organizations from advanced attacks by quickly detecting threats and enabling rapid response. Red Canary MDR delivers threat detection and response as an outsourced service to organizations of all types and sizes. They combine the technology, expertise, and processes that act as or augment your security team so you can focus on running your business.

Check it out here.

SecureSky cloud-based security solutions align with today’s most commonly accepted frameworks and methodologies. SecureSky offers services in all areas of the security lifecycle, and partners with your organization to understand your requirements. Whether your security goal is identifying and managing risk, detecting and responding to threats, or advanced measures to test and optimize the controls you have in place, SecureSky can help.

Check it out here.