FORTRESS

Framework for Organized RedTeam Threat Response Evaluation for Security and Safeguards

Brad Ammerman

Brad Ammerman

Senior Director of Innovation / Security Evangelist
Red Team Leader | Physical Security Expert | FORTRESS Framework Creator
📍 Greater Minneapolis Area, Minnesota | 🎖️ US Army Veteran (Combat Medic)
Specialization: Physical Penetration Testing, Red Team Operations, Offensive Security, Security Leadership, and Compliance Framework Development
19+ Years in Cybersecurity
10+ Years Security Leadership
12+ Years Red Team Experience
11+ Elite Certifications

About Bradley Ammerman

Brad Ammerman is a distinguished offensive security leader with nearly two decades of experience in cybersecurity, physical penetration testing, and red team operations. As the creator of the FORTRESS Framework, Brad has developed one of the most comprehensive physical security testing methodologies available, mapping 236+ controls to over 60 compliance frameworks.

With extensive hands-on experience in physical security assessments, including lock-picking, surveillance evasion, tailgating, social engineering, and TSCM (Technical Surveillance Counter-Measures) - Brad brings a unique perspective that combines offensive tactics with deep regulatory knowledge. His career spans roles at leading security firms including Prescient Security, ProCircular, Foresite Cybersecurity, Optiv, and Lockheed Martin.

Currently serving as Senior Director of Innovation and Security Evangelist at Prescient Security, Brad leads strategic security initiatives, drives risk management programs, and oversees offensive security operations. He is also an Adjunct Faculty member at Minnesota State University, Mankato, where he has been educating the next generation of cybersecurity professionals since 2013. Brad is currently pursuing a Master of Science in Artificial Intelligence (expected 2027), combining cutting-edge AI/ML capabilities with cybersecurity to develop next-generation autonomous security testing and threat detection solutions.

A US Army veteran (Combat Medic, 2nd Infantry Division), Brad brings military discipline, tactical thinking, and leadership under pressure to every engagement. His unique combination of military service, offensive security expertise, AI/ML research, and academic experience makes him a sought-after consultant for high-stakes security assessments and innovation leadership.

Brad actively contributes to the security community through open-source tool development on GitHub, including projects like darkweb_tool, osint_runner, auto_nmap, and the FORTRESS Framework. His work spans OSINT automation, network reconnaissance, and physical security testing methodologies, making advanced security capabilities accessible to the community.

🔓 The Journey into Physical Security

Brad's passion for physical security testing and lockpicking was ignited by his dear friend and mentor, Rance, a well-known ethical web application hacker in the cybersecurity industry. Through their friendship, Rance introduced Brad to the fascinating world of physical security challenges, lockpicking techniques, and hands-on security testing methodologies.

Together, Brad and Rance participated in numerous lockpicking competitions, physical security challenges, and collaborative learning sessions that deepened Brad's understanding of how physical security controls could be tested, evaluated, and improved. These experiences provided the foundational knowledge and hands-on skills that would later become central to Brad's professional expertise.

The pivotal moment came during Brad's tenure at Lockheed Martin, when he was asked to conduct his first formal physical security assessment. Eager to deliver a comprehensive and professional evaluation, Brad searched extensively for standardized methodologies, testing frameworks, and best practices for physical security assessments. To his surprise, he discovered a significant gap in the industry; while cybersecurity testing had well-established frameworks like PTES (Penetration Testing Execution Standard) and methodologies aligned with MITRE ATT&CK®, there was no equivalent comprehensive framework for physical security testing.

This realization planted the seed for what would eventually become the FORTRESS Framework. Over the following years, as Brad conducted hundreds of physical security assessments across various industries and compliance contexts, he meticulously documented testing methodologies, common findings, remediation strategies, and compliance mappings. Each engagement contributed to a growing repository of knowledge and best practices.

After years of real-world testing experience and accumulating insights from countless assessments, Brad recognized that the time was right to formalize this knowledge into a comprehensive framework. The FORTRESS Framework was developed not just as a personal reference, but as a resource to help new red team and blue team consultants execute their own physical security testing with confidence, consistency, and professionalism. By providing standardized methodologies, detailed test procedures, and comprehensive compliance mappings, the framework aims to elevate the practice of physical security testing and make it more accessible to security professionals entering this specialized field.

Today, the FORTRESS Framework stands as a testament to Brad's journey from learning lockpicking fundamentals with a mentor, to conducting enterprise-level physical security assessments, to creating a comprehensive framework that helps others navigate the same path. It represents the culmination of years of hands-on experience, continuous learning, and a commitment to advancing the field of physical security testing.

💙 In Memory of Rance (David Jones)

Rance (David Jones)

Photo of Rance (David Jones)

Please add rance-tribute.jpg to display the image

This framework and my journey into physical security testing would not have been possible without the mentorship, friendship, and inspiration of Rance (David Jones), a beloved figure in the cybersecurity community and a well-known ethical web application hacker.

Rance introduced me to the fascinating world of lockpicking, physical security challenges, and hands-on security testing. Through countless lockpicking competitions, collaborative learning sessions, and shared adventures, Rance not only taught me technical skills but also instilled a passion for understanding how security controls work, and how they can be tested ethically and professionally.

His playful spirit, generous mentorship, and dedication to the security community left an indelible mark on all who knew him. The FORTRESS Framework stands as a testament to the knowledge and passion he shared with me and countless others in the cybersecurity field.

"The best mentors don't just teach you what to do, they inspire you to discover what's possible. Rance did that for me, and I'm forever grateful for his friendship and guidance."

— Brad Ammerman

🎯 Physical Security & Offensive Operations Expertise

🏢 Physical Penetration Testing

  • Lock Picking & Bypass Techniques
  • Surveillance Evasion & Detection
  • Tailgating & Social Engineering
  • Badge Cloning & Access Control Bypass
  • TSCM (Bug Sweeps & Counter-Surveillance)
  • Perimeter Security Assessment
  • Physical Red Team Operations
  • On-Site Reconnaissance

⚔️ Red Team Operations

  • Full-Scope Red Team Engagements
  • Purple Team Exercises
  • Attack Path Modeling
  • Multi-Vector Attack Scenarios
  • Physical + Cyber Combined Operations
  • C2 Infrastructure Design
  • Advanced Persistence Techniques
  • Objective-Based Mission Planning

🔓 Penetration Testing

  • Network Penetration Testing
  • Web Application Security Testing
  • Mobile Application Assessments
  • Wireless Security Assessments
  • Cloud Security Testing (AWS, Azure)
  • SCADA & Control System Testing
  • Internal/External Network Assessments
  • API Security Testing

🛡️ Security Leadership

  • Built & Scaled Pen Test Teams
  • Led SOC Operations (24/7)
  • Security Strategy Development
  • Risk Management Programs
  • Incident Response Leadership
  • Executive Security Briefings
  • Board-Level Reporting
  • Program Development & KPIs

📋 Compliance & Frameworks

  • NIST SP 800-53 / 800-171
  • FedRAMP (Low, Moderate, High)
  • HIPAA Physical Safeguards
  • PCI DSS v4.0
  • ISO 27001/27002
  • MITRE ATT&CK Framework
  • SOC 2 Type II
  • CMMC Level 2/3

🔧 Technical Skills

  • Application Security (SAST/DAST/IAST)
  • Security Automation & AI
  • Threat Modeling & Intelligence
  • Attack Surface Management
  • Vulnerability Management
  • SIEM & Security Monitoring
  • Malware Analysis (Static/Dynamic)
  • Tool Development (Python, JavaScript)

💼 Professional Experience

CURRENT

Senior Director of Innovation / Security Evangelist

Prescient Security
October 2025 – Present

Leading innovation initiatives, security evangelism, and strategic technology adoption for next-generation security solutions.

Key Responsibilities

  • Drive research and development of new security services, automation tools, and emerging-threat testing capabilities.
  • Represent the company at conferences, webinars, and community events through technical talks and workshops.
  • Publish blogs, frameworks, and research that shape industry direction and strengthen the company’s brand.
  • Lead innovation strategy across teams, working with engineering, consulting, sales, and marketing.
  • Build and prototype new offensive and defensive capabilities, including autonomous testing and physical security frameworks.
  • Mentor team leads and senior testers on advanced techniques, QA practices, and service development.
  • Support complex client engagements and provide expertise across FedRAMP, PCI, HIPAA, SOC2, ISO 27001, and cloud testing.
  • Develop internal training programs, documentation, and enablement material for new and existing service offerings.
  • Evaluate vendor technologies and partnership opportunities that strengthen the company’s long-term roadmap.
  • Engage the broader security community, contributing to standards discussions and supporting local events and mentoring.

Senior Director of Offensive Security

Prescient Security
October 2023 – October 2025
  • 10+ years managing security risk and driving mitigation activities through strategic automation
  • Led red team, penetration testing, and purple team operations across enterprise environments
  • Managed 3rd party vendor relationships and conducted comprehensive security assessments
  • Supproted the development of client-facing PTaaS platform (Cacilian Platform)
  • Implemented application security testing tools (SAST, DAST, IAST) and coordinated remediation
  • Established KPIs to measure team performance, control effectiveness, and program growth
  • Customized testing methodologies to bypass defenses, demonstrating advanced penetration testing
  • Provided executive and board-level security briefings on threat landscape and risk posture

Director of Security

Prescient Security
August 2022 – October 2023

Directed security operations, team development, and client engagement strategies for growing security practice.

Adjunct Faculty - Information Security

Minnesota State University, Mankato
December 2013 – Present (11+ Years)
  • CIS 350 - Information Security: Foundational security concepts, frameworks, and best practices
  • CIS 450/550 - Information Warfare: Cyber warfare strategies, techniques, and defense mechanisms
  • CIS 653 - Reporting Information Security Risks: Risk analysis and executive communication
  • Preparing next generation of cybersecurity professionals with hands-on training
  • CCDC Coach: Collegiate Cyber Defense Competition team coach
  • ISSO Member and leader of Information Security Student Organization

Manager of Offensive Cyber Operations

ProCircular
July 2020 – July 2022
  • Built and scaled offensive security team from ground up
  • Led red team, purple team, and penetration testing operations for enterprise clients
  • Managed team of highly skilled offensive security engineers with strategic direction
  • Designed and scoped comprehensive assessments (web apps, internal/external networks)
  • Researched emerging threats and developed mitigation strategies
  • Created security tools to streamline penetration testing processes
  • Identified new business opportunities and developed competitive service offerings

Principal Security Consultant & Managing Director Red Team

Foresite Cybersecurity & Compliance
May 2016 – June 2020
  • Led physical security assessments including lock-picking, surveillance evasion, and tailgating
  • Performed sophisticated wireless penetration tests and social engineering campaigns
  • Evaluated physical security controls through hands-on testing of access systems
  • Conducted complex multi-vector attack scenarios combining network, physical, and social engineering
  • Managed team of security consultants with technical oversight and mentorship
  • Led PCI DSS, HIPAA, cloud security, BC/DR, and SOC assessments
  • Assessed network security through automated tools and advanced manual testing
  • Created detailed reports with actionable remediation recommendations

Federal Security Consultant – Red Team Operator

Optiv (formerly Accuvant Labs)
June 2014 – May 2016
  • Conducted security assessments and penetration testing for application and enterprise environments
  • Delivered complete documentation including project updates and risk assessments
  • Performed in-depth vulnerability analysis using manual and automated techniques
  • Provided targeted remediation recommendations to strengthen security posture
  • Held active security clearance for sensitive federal projects

Cyber Intelligence Analyst

Lockheed Martin
April 2012 – June 2014
  • Monitored network activity for managed services clients in Commercial Cyber Solutions division
  • Performed malware analysis (static, dynamic, behavioral) on bots, worms, and Trojans
  • Conducted risk and vulnerability assessments as part of penetration testing team
  • Developed cybersecurity training modules and served as instructor
  • Collaborated with penetration testing team to scope and execute projects

Network Security & Information Assurance Engineer

Denver International Airport
October 2010 – April 2012
  • Member of IA, SOC, and CIRT teams protecting critical infrastructure
  • Analyzed syslogs, IDS/IPS, and firewall logs using ArcSight
  • Conducted security audits and vulnerability reviews of systems and networks
  • Maintained chain of custody for digital evidence for legal proceedings
  • Developed hardening standards for trusted systems and applications
  • Established incident response policies and procedures

Webmaster / Lead Architect & Developer

Nevada Supreme Court
June 2008 – September 2010
  • Lead architect for Supreme Court website redevelopment
  • Administered Linux servers with security hardening and access controls
  • Performed penetration testing on web applications (SQL injection, XSS, broken access controls)
  • Established incident response protocols for web-based security events
  • Worked with IT and legal teams to align security with regulatory requirements
MILITARY

Combat Medic - 2nd Infantry Division

US Army
February 2006 – July 2008
  • Honorable Medical Discharge - Disabled Veteran
  • 10-Point Veteran Preference
  • Tactical medical operations in high-stress combat environments
  • Leadership, discipline, and decision-making under pressure
  • Team coordination and mission-critical operations

🎓 Education

IN PROGRESS

Master of Science - Artificial Intelligence

Minnesota State University, Mankato
Expected Graduation 2027
  • Advanced AI/ML research and development
  • Integration of AI technologies with cybersecurity operations
  • Autonomous security testing and threat detection

Professional Master of Science - Information Security & Risk Management

Minnesota State University, Mankato
Graduated December 2016
  • CCDC Coach - Collegiate Cyber Defense Competition
  • ISSO Member and Leader - Information Security Student Organization

Bachelor of Science - Technical Management (Security Focus)

DeVry University
Graduated June 2012 - Cum Laude
  • Sigma Beta Delta Business Honor Society (2011)
  • Dean's List (2010-2012)

Associate Degrees (3) - Network Administration, Microcomputer Support, Web Development

South Central College
Graduated 2001 – 2005
  • E-commerce Web Developer Certificate

🏆 Elite Security Certifications

CREST Registered Penetration Tester (CRT)
CREST
Issued: March 2018 | Credential: 30082055
Offensive Security Certified Expert (OSCE)
Offensive Security
Issued: September 2015 | Credential: OS-CTP-02922
Offensive Security Certified Professional (OSCP)
Offensive Security
Issued: March 2014 | Credential: OS-pwk-03602
Certified Information Systems Security Professional (CISSP)
ISC2
Issued: February 2013 | Expires: February 2026
Certified Information Security Manager (CISM)
ISACA
In Progress | Expected: 2026
Certified Ethical Hacker (CEH)
EC-Council
Issued: July 2013 | Expires: July 2025
PenTest+
CompTIA
Issued: February 2018
Reverse Engineering Malware
SANS Institute
Issued: October 2012
Security+
CompTIA
Issued: January 2011
Microsoft Certified Professional
Microsoft
Issued: March 2005
Open Water Diver
PADI
Issued: August 2021
Taekwondo Black Belt
World Taekwondo
Issued: August 1995

🏰 FORTRESS Framework Development

Brad created the FORTRESS Framework (Framework for Organized RedTeam Threat Response Evaluation for Security and Safeguards) to address the critical gap in standardized physical security testing methodologies.

Framework Highlights

Physical Security Testing Categories

View FORTRESS Framework →

📬 Professional Network

Connect with Brad Ammerman on LinkedIn or GitHub to discuss physical security assessments, red team operations, offensive security engagements, open-source security tools, or the FORTRESS Framework:

🔗 Connect on LinkedIn 💻 View GitHub Profile