diff --git a/README.md b/README.md
index 8cb5954..d9a4a05 100644
--- a/README.md
+++ b/README.md
@@ -55,6 +55,7 @@ Many cybersecurity professionals enable racist state violence, wittingly or unwi
   - [Threat signature packages and collections](#threat-signature-packages-and-collections)
 - [Tor Onion service defenses](#tor-onion-service-defenses)
 - [Transport-layer defenses](#transport-layer-defenses)
+  - [Overlay and Virtual Private Networks (VPNs)](#overlay-and-virtual-private-networks-vpns)
 - [macOS-based defenses](#macos-based-defenses)
 - [Windows-based defenses](#windows-based-defenses)
   - [Active Directory](#active-directory)
@@ -410,13 +411,18 @@ See also [awesome-tor](https://github.com/ajvb/awesome-tor).
 ## Transport-layer defenses
 
 - [Certbot](https://certbot.eff.org/) - Free tool to automate the issuance and renewal of TLS certificates from the [LetsEncrypt Root CA](https://letsencrypt.org/) with plugins that configure various Web and e-mail server software.
-- [Innernet](https://github.com/tonarino/innernet) - Private network system that uses WireGuard under the hood.
-- [IPsec VPN Server Auto Setup Scripts](https://github.com/hwdsl2/setup-ipsec-vpn) - Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2.
 - [MITMEngine](https://github.com/cloudflare/mitmengine) - Golang library for server-side detection of TLS interception events.
-- [Nebula](https://github.com/slackhq/nebula) - Scalable overlay networking tool with a focus on performance, simplicity and security.
-- [OpenVPN](https://openvpn.net/) - Open source, SSL/TLS-based virtual private network (VPN).
 - [Tor](https://torproject.org/) - Censorship circumvention and anonymizing overlay network providing distributed, cryptographically verified name services (`.onion` domains) to enhance publisher privacy and service availability.
+
+### Overlay and Virtual Private Networks (VPNs)
+
+- [IPsec VPN Server Auto Setup Scripts](https://github.com/hwdsl2/setup-ipsec-vpn) - Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2.
+- [Innernet](https://github.com/tonarino/innernet) - Free Software private network system that uses WireGuard under the hood, made to be self-hosted.
+- [Nebula](https://github.com/slackhq/nebula) - Completely open source and self-hosted, scalable overlay networking tool with a focus on performance, simplicity, and security, inspired by tinc.
+- [OpenVPN](https://openvpn.net/) - Longstanding Free Software traditional SSL/TLS-based virtual private network.
+- [Tailscale](https://tailscale.com/) - Managed freemium mesh VPN service built on top of WireGuard.
 - [WireGuard](https://www.wireguard.com/) - Extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.
+- [tinc](https://tinc-vpn.org/) - Free Software mesh VPN implemented entirely in userspace that supports expandable network space, bridged ethernet segments, and more.
 
 ## macOS-based defenses