The 8-Domain Roadmap · Industry standard

The Security Practitioner Roadmap

Eight industry-standard security domains, mapped to RingSafe Academy modules — so you know exactly where every skill fits, what you've already covered, and what remains. Built for senior practitioners and certification candidates working toward CISM, CISSP, or equivalent body-of-knowledge benchmarks.

8 Domains · 73 Modules live · 0 Coming soon · 23 Tracks today

01

Security & Risk Management

Governance, risk, compliance, the security mindset

Security goals (CIA, DAD, AAA), governance frameworks, control selection, third-party governance, security policies / standards / baselines / guidelines / procedures, threat modelling (STRIDE, PASTA, VAST), supply-chain risk, personnel security, social engineering defence, security awareness programmes, business continuity, regulatory compliance (Indian + global).

Live in academy · 9 modules

02

Asset Security

Data classification, handling, lifecycle, privacy engineering

Identifying and classifying information, asset states, data handling, data loss prevention, data sovereignty, retention, destruction, data protection methods (DRM, CASB, pseudonymisation, tokenisation, anonymisation), data roles (Owner, Controller, Processor, Custodian), security baselines and tailoring, secure-by-design data architecture.

Live in academy · 7 modules

03

Security Architecture & Engineering

Secure design, system models, hardware roots of trust, crypto

Secure design principles (zero-trust, fail-securely, KISS, secure-defaults, SASE), formal security models (Bell–LaPadula, Biba, Clark–Wilson, Brewer–Nash), Common Criteria, capability-based security, hardware roots of trust (TPM, HSM, secure boot), virtualisation security, container security, IoT/OT/ICS hardening, embedded systems, microservices, IaC, cryptography (symmetric, asymmetric, hashing, PKI), physical / environmental security.

Live in academy · 9 modules

04

Communication & Network Security

OSI / TCP-IP, secure protocols, segmentation, wireless, SASE

OSI & TCP/IP, secure communication protocols, multilayer protocols, converged protocols (VoIP, vishing), segmentation, edge networks, wireless security (WPA3, captive portals, attacks), CDN, satellite/cellular, secure network components (NAC, firewalls, endpoint, transmission media), VPN, DNS poisoning, ARP spoofing, switching/VLAN attacks, NAT, eavesdropping, modification attacks.

Live in academy · 9 modules

05

Identity & Access Management

AAA, federation, PAM, zero-trust enforcement

AAA fundamentals (identification, authentication, authorisation, accounting), authentication factors (KYK / HYH / AYP), MFA / passwordless, identity proofing, federation (SAML, OIDC, SCIM), single sign-on, credential management, privileged access management (PAM), session management, provisioning lifecycle, role definition, account maintenance, periodic access review, access control models (DAC, MAC, RBAC, ABAC, rule-based), zero-trust enforcement, common access-control attacks.

Live in academy · 9 modules

06

Security Assessment & Testing

VAPT, audits, vulnerability programmes, secure code review

Building a security assessment programme, security audits (internal, external, third-party), vulnerability assessments, penetration testing methodology (OWASP, NIST 800-115, PTES), red-team / purple-team exercises, code review, interface testing, misuse-case testing, test-coverage analysis, website / production monitoring, training and exercises, audit reporting.

Live in academy · 9 modules

07

Security Operations

SOC, SIEM, detection engineering, IR, DR, forensics

Foundational operations concepts (need-to-know, least privilege, segregation of duties, two-person control, mandatory vacations, privileged account management), resource protection, managed services in cloud, configuration management (provisioning, baselining, automation), security management processes (log review, account management, training), incident response (detection, preventive measures, IDS/IPS, logging, SOAR, ML-assisted IR, threat intel), patch and vulnerability management, change management, disaster recovery (RTO, RPO, alternate sites, backups, recovery testing), forensics & investigations.

Live in academy · 12 modules

08

Software Development Security

SecSDLC, DevSecOps, AppSec controls, supply chain

Secure software development lifecycle (SDLC), DevOps and DevSecOps integration, software development controls, change & configuration management, code repositories & secrets-in-code, third-party software acquisition (SBOM, dependency review, SLSA), database security, application security controls (input validation, output encoding, error handling, hard-coded credentials, memory management), web application firewalls, secure coding practices, common application attacks (injection, XSS, CSRF, SSRF, deserialisation, path traversal, file upload, race conditions, prototype pollution), malware and rootkits.

Live in academy · 9 modules

How to use this roadmap

Three ways practitioners use this

The roadmap isn't a syllabus — it's a navigation aid. Here's how senior security folks actually use it.

USE 01

Certification prep

If you're working toward CISM, CISSP, CCSP, or a similar senior credential, this map shows which RingSafe modules cover each domain. Pair our modules with the official body of knowledge and your prep is structured, not random.

USE 02

Career skills audit

For senior practitioners and tech leads, mark off which domains you can confidently lead and which need development. Domains with all "live" coverage are where you can build depth this quarter; "coming soon" tells you what's planned.

USE 03

Hiring & team mapping

If you run a security team in an Indian SME or scale-up, use the eight domains to gap-test your team's coverage. Understaffing in Domain 1 (governance) and Domain 7 (operations) is the most common pattern we see in growth-stage companies.

Start where the gap is biggest

Pick the domain card with the most "coming soon" modules — that's likely your team's blind spot. Or jump into Domain 1 if you're new to senior security work; it's the foundation everything else assumes.