About Us

We Build It. We Break It.

Offend & Defend is the offensive security division of Pendergrass Consulting — an IT consulting firm that manages production infrastructure daily. We attack the same systems we defend, and that makes us dangerous.

Operators, Not Just Testers

Most penetration testing firms employ security specialists who only see systems from the outside. We're different. Offend & Defend was born from Pendergrass Consulting, where we build, manage, and defend real production infrastructure every day — Linux servers, Windows domains, F5 load balancers, Cisco firewalls, SIEM platforms, web applications, and databases.

When we attack your network, we bring the perspective of someone who has built networks just like it. We know where the configuration gaps hide. We know which default settings never get changed. We know the shortcuts sysadmins take because we've taken them ourselves. That operational depth is what separates a checkbox pentest from one that actually improves your security.

Our Philosophy

Offense informs defense. You can't build effective security controls if you don't understand how attackers think, move, and operate inside real networks. Every engagement we run feeds back into our defensive consulting practice, and every infrastructure we manage teaches us new attack paths.

We believe offensive security should be accessible to organizations of every size — not just enterprises with six-figure security budgets. Small and mid-sized businesses face the same threats as Fortune 500 companies but rarely get the same quality of testing. We're changing that.

Pendergrass Consulting

Offend & Defend is a division of Pendergrass Consulting, a full-service IT consulting firm based in Selma, NC. Pendergrass Consulting provides web development, custom applications, cybersecurity hardening, cloud backup solutions, and managed IT services to small businesses across the Triangle region and beyond.

This dual capability means we don't just find vulnerabilities — we can help you fix them. When an engagement uncovers a firewall misconfiguration, a web application flaw, or a server hardening gap, our consulting team has the hands-on infrastructure experience to implement the remediation directly.

Our Technical Environment

We operate in the same environments our clients do. Our team has hands-on production experience with:

Operating Systems — Rocky Linux, CentOS, Debian, RHEL, Ubuntu, Windows Server 2016-2025
Networking — F5 BIG-IP (LTM/GTM/WAF), Cisco ASA, Palo Alto PA series, VPN infrastructure, network segmentation
Security Tools — Security Onion, CrowdStrike Falcon, Greenbone/OpenVAS, fail2ban, ClamAV, Elastic SIEM
Web & Application — Apache, Nginx, WildFly, PHP-FPM, WordPress, custom web applications, RESTful APIs
Databases — MSSQL Server, MariaDB, MySQL, PostgreSQL — clustering, replication, performance tuning
Cloud & Infrastructure — AWS (S3, EC2, IAM), Hyper-V, iSCSI SAN, Veritas Backup, Nextcloud

Ready to put your defenses to the test with operators who understand your stack?

Get Assessed

Capabilities & Expertise

Penetration Testing (Network, Web, Cloud)
Red Team & Adversary Simulation
Social Engineering & Phishing
MITRE ATT&CK Framework
OWASP Testing Guide & ASVS
PTES Methodology
OSINT & Reconnaissance
Active Directory Security
Linux & Windows Server Hardening
Firewall & Load Balancer Security
SIEM & Detection Engineering
Web Application Security
Database Security
Cloud Security (AWS, Azure)
Vulnerability Management
Incident Response

Contact

EMAILsales@pendergrassconsulting.com

BASESelma, NC 27576

ADDR110 S. Massey St., Suite 201

Pendergrass Consulting pendergrassconsulting.com →