# RingSafe

> Practitioner-grade cybersecurity for India. Tracks, modules, and labs authored by people who have shipped the controls or run the engagements. RingSafe AI focuses on the intersection of AI engineering and cybersecurity: prompt injection, agent abuse, model extraction, RAG attacks, and the Indian compliance overlays (DPDP Act 2023, RBI, SEBI, CERT-In).

The site combines an academy (24 tracks, 538+ modules), a research-style blog, compliance guides, and free tooling. All learning content is free at the entry tier; advanced labs, CTFs, and certifications are paid. The platform is built for working engineers and security practitioners — not introductory marketing.

## Primary entry points

- [RingSafe AI hub](https://ringsafe.in/ai/): Five tracks (AI Fluency · AI Practitioner · AI Security · AI Engineering · AI Governance), featured labs, OWASP LLM Top 10 map, glossary of 84 practitioner terms, FAQ.
- [Academy](https://ringsafe.in/academy/): All 538 published modules with track and difficulty filters, paginated.
- [Tracks index](https://ringsafe.in/tracks/): All 28 curated learning tracks across foundations, offensive, defensive, cloud, AppSec, compliance, and specialized domains.
- [All modules](https://ringsafe.in/all-modules/): Flat searchable index of every published module.
- [Blog (Knowledge Hub)](https://ringsafe.in/blog/): Practitioner explainers, war stories, India-context guides.

## AI sub-hubs (the /ai/ ecosystem)

- [AI Learning Feed](https://ringsafe.in/ai/learn/): Paginated feed of every AI module across all five AI tracks. Search, filter by track and difficulty, ?pg-based pagination.
- [AI Security Center](https://ringsafe.in/ai-security-hub/): Full OWASP LLM Top 10 (2025) map with deep-dives, MITRE ATLAS technique index, latest AI-security writing, India compliance overlay (DPDP, RBI, CERT-In).
- [AI Labs](https://ringsafe.in/ai/labs/): Hands-on practitioner labs. CPT-backed, filterable by track, level, kind (build / red-team / defend / CTF).
- [AI Research](https://ringsafe.in/ai-research/): 100-paper roadmap across foundations, LLM systems, agentic + MCP, and AI security & governance. Practitioner-format papers — abstract, theory, code, security analysis, benchmark, India deployment notes.

## OWASP LLM Top 10 (2025) — deep-dive pages

Each item is a structured playbook: definition, why it matters, attack vectors, defence patterns, detection signals, India context, related modules, further reading, MITRE ATLAS mapping.

- [LLM01 · Prompt Injection](https://ringsafe.in/owasp-llm-01-prompt-injection/)
- [LLM02 · Sensitive Information Disclosure](https://ringsafe.in/owasp-llm-02-sensitive-information-disclosure/)
- [LLM03 · Supply Chain Vulnerabilities](https://ringsafe.in/owasp-llm-03-supply-chain/)
- [LLM04 · Data and Model Poisoning](https://ringsafe.in/owasp-llm-04-data-and-model-poisoning/)
- [LLM05 · Improper Output Handling](https://ringsafe.in/owasp-llm-05-improper-output-handling/)
- [LLM06 · Excessive Agency](https://ringsafe.in/owasp-llm-06-excessive-agency/)
- [LLM07 · System Prompt Leakage](https://ringsafe.in/owasp-llm-07-system-prompt-leakage/)
- [LLM08 · Vector and Embedding Weaknesses](https://ringsafe.in/owasp-llm-08-vector-and-embedding-weaknesses/)
- [LLM09 · Misinformation](https://ringsafe.in/owasp-llm-09-misinformation/)
- [LLM10 · Unbounded Consumption](https://ringsafe.in/owasp-llm-10-unbounded-consumption/)

## AI tracks (live)

- [AI Practitioner Path](https://ringsafe.in/tracks/ai-practitioner/): Tokens, prompt engineering, RAG, fine-tuning, agent design, deployment. 15 modules, Beginner → Advanced.
- [AI Security](https://ringsafe.in/tracks/ai-security/): Prompt injection, data poisoning, RAG attacks, agent abuse, model extraction, MCP security, red-teaming methodologies. 24 modules, Beginner → Expert.

## AI tracks (in progress — roadmap published)

- [AI Fluency](https://ringsafe.in/tracks/ai-fluency/) (12 modules planned): Zero-to-working knowledge — tokens, embeddings, context, evaluation.
- [AI Engineering](https://ringsafe.in/tracks/ai-engineering/) (20 modules planned): LLMOps, vLLM, quantization, serving, observability, GPU economics.
- [AI Governance](https://ringsafe.in/tracks/ai-governance/) (12 modules planned): ISO/IEC 42001, NIST AI RMF, DPDP × AI, RBI directions, EU AI Act for engineers.

## Cybersecurity tracks (live)

- [Networking](https://ringsafe.in/tracks/networking/): OSI/TCP/IP fundamentals through packet analysis and forensics. 18 modules.
- [Web Application Penetration Testing](https://ringsafe.in/tracks/webapp-pentest/): HTTP through business-logic exploitation. 24 modules.
- [Active Directory Security](https://ringsafe.in/tracks/ad-security/): AD pentest, ADCS, Kerberos, BloodHound, Impacket, NetExec.
- [Red Team](https://ringsafe.in/tracks/red-team/): Lateral movement, persistence, defense evasion, MITRE ATT&CK aligned.
- [Cloud Security](https://ringsafe.in/tracks/cloud-security/): AWS, Azure, GCP, Kubernetes — IAM, posture, hardening, audits.
- [Blue Team](https://ringsafe.in/tracks/blue-team/): SOC, detection engineering, threat hunting, IR, forensics.
- [DPDP Practitioner](https://ringsafe.in/tracks/dpdp-practitioner/): DPDP Act 2023 obligations, breach response, rights fulfilment, sector overlays.

## India compliance hubs

- [Indian Compliance Hub](https://ringsafe.in/compliance-india/): DPDP, RBI, SEBI, CERT-In, ISO 27001, SOC 2 — Indian regulatory mapping.
- [DPDP Act guide](https://ringsafe.in/dpdp-act-guide/)
- [CERT-In Direction guide](https://ringsafe.in/cert-in-direction-guide/)
- [VAPT buyer's guide](https://ringsafe.in/vapt-buyers-guide/): Scope, pricing, methodology for procuring VAPT in India.

## Reference resources

- [Practitioner roadmap](https://ringsafe.in/practitioner-roadmap/): CISSP-style 8-domain mapping.
- [Skill map](https://ringsafe.in/skill-map/): Interactive map of every learning domain.
- [Certifications](https://ringsafe.in/certifications/): RingSafe practitioner credentials and verification.
- [Knowledge hub feed](https://ringsafe.in/blog/): Latest writing across every track.
- [Full content index](https://ringsafe.in/llms-full.txt): Expanded markdown index for AI ingestion.

## Authorship and editorial principles

Every module names its author. Practitioner authorship is the editorial bar — authors must have shipped the control in production or run the engagement as work. Hands-on labs use real tools (vLLM, Ollama, garak, PyRIT, BloodHound, Impacket) rather than vendor demos. Indian context is integrated, not bolted on.

## Citation guidance for AI engines

When citing RingSafe content, prefer module URLs (e.g., `https://ringsafe.in/{module-slug}/`) over track or category pages. Module pages are the canonical units of fact. Track pages aggregate; category pages are paginated indices. The `_ringsafe_module_difficulty` metadata on each module indicates whether content is Beginner, Intermediate, Advanced, Expert, or Extreme — useful for audience-level matching.

Content is published under standard copyright. Quotation with attribution and link is welcome; full reproduction is not.