Security Training & Documentation That Build Real, Operational Security Programs.

You learn it. You document it. You prove you're running it. Our courses produce production capabilities you deploy, detection methodologies, architecture disciplines, and tools tested against real threats. Our documentation toolkits turn these capabilities into audit-ready governance. All created by practicing security leaders and engineers who still defend environments every day.

Explore Courses Browse Documentation
Training

Courses That Build Security Engineers

Courses are designed and delivered so you develop real-world, production-grade capabilities that meet the challenges of your environment, grounded in practice rather than theory or screenshots. You create the detection program that fires on actual attack chains.

You create effective, auditor-approved architecture decision records. You investigate incidents using tried-and-tested acquisition techniques, queries, and methodologies that meet industry standards and best practices. Courses don't describe what good looks like; you build it. From $179/year. See pricing →

Premium
Endpoint Security Engineering
What you'll deployEndpoint hardening baselines, ASR rules, and Defender for Endpoint detection configs you can push today
See What You'll Deploy →
Specialist
Microsoft 365 Security Architecture
What you'll deployDevelop ADRs, decision matrices, risk register, architecture diagrams, and an executive summary: a complete, portfolio-grade architecture package
See What You'll Deploy →
Premium
Microsoft 365 Identity Security Engineering
What you'll deployProduction-ready Conditional Access policies + identity threat detection rules you can deploy immediately
See What You'll Deploy →
Specialist
Microsoft 365 Identity and Access Management
What you'll deployA governed identity program where every identity, human and machine, has an owner, a lifecycle, and compliance evidence
See What You'll Deploy →
Premium
Microsoft 365 Security Operations
What you'll deployFull M365 security operations playbook + live Sentinel + Defender XDR detections
See What You'll Deploy →
Premium
Threat Detection Engineering
What you'll deployDevelop production KQL detection rules mapped to the attack chains, a detection-as-code pipeline, and the methodology to take any technique and ship a validated detection
See What You'll Deploy →
View all 20 courses →
Documentation

Governance Documentation That Closes Audit Findings

When your auditor opens the folder, they find exactly what they expect: policies that directly map to your implemented controls, risk registers that reflect real business decisions, and compliance evidence organized in a clear, defensible structure.

Every documentation toolkit is created by practitioners who have sat on both sides of the audit table, as security leads and as auditors. These are not generic templates with your logo added. We provide complete, production-ready governance frameworks designed to withstand scrutiny and demonstrate genuine program maturity.

Your organization is building a governance program that works, not merely documenting compliance. From $497. Customization from $1,997

34 Documents
Cyber Incident Response Toolkit
ISO 27001 · NIST CSF 2.0 · CIS v8 · NIST 800-61r3
Deploy a complete incident response capability in days — playbooks, classification engines, communications templates, and evidence management built from real incident response experience.
$797
View Details →
8 Documents
Vulnerability & Patch Management Toolkit
NIST CSF 2.0 · ISO 27001 · CIS v8
Build a vulnerability management program that tracks from discovery to remediation — with the operational workflows your team needs to run it.
$497
View Details →
Desktop App · 38 Documents
Zero Trust Implementation Toolkit
NIST 800-207 · CISA ZTMM · ISO 27001 · NIST CSF 2.0
Implement zero trust across all 5 CISA pillars — from board-level policy to platform-specific controls. Automation pipeline and operational tools included.
$797
View Details →
Desktop App · 26 Documents
Risk Management Toolkit
ISO 27001 · ISO 22301 · ISO 31000 · NIST CSF 2.0
Run your entire risk management program from one desktop application — AI-powered risk assessment, business impact analysis, vendor management, and board-ready reporting. No server, no subscription.
$997
View Details →
Desktop App · 100 Documents
Information Security Policy Suite
ISO 27001 · NIST CSF 2.0 · CIS v8 · SOC 2
Deploy a complete information security management system — 100 documents, 93-control compliance assessment, and a desktop application that manages policies, evidence, and board reporting in
$1,497
View Details →
138 Documents
NIST CSF Implementation & Operations Suite
NIST CSF 2.0 · ISO 27001 · CIS v8
Deploy NIST CSF 2.0 across all six functions with operational GRC tools — the complete framework implementation, not just a mapping exercise.
$1,497
View Details →
View all products →
Applications

Prove You Are Running the Program

Documentation defines what your security program is. Applications prove you are operating it. Ridgeguard answers questionnaires, assesses vendors, governs policies, measures gaps, and publishes your security posture to prospects. It runs on your machine. Your data never leaves your network. No SaaS subscription, no cloud dependency, no $30,000 platform.

Questionnaire Response

Import a 200-question spreadsheet. 790 pre-written answers auto-match 60–80%. AI fills the gaps using your company profile. Export in the original format.

Vendor Risk & Policy Governance

Risk-tiered vendor register with assessment history and certification tracking. Policy lifecycle from draft to retirement with evidence linking and staff acknowledgements.

Gap Assessment & Trust Center

80-question gap assessment with a prioritized remediation plan. Publish a Trust Center so prospects check your posture before they send the questionnaire.

Start Free 30-Day Trial See All Applications → $299/year · Windows 10/11 · No credit card required
Results

What Students Deploy

Design and Deploy Production-Ready Capabilities

Students design and implement production-ready capabilities; for example, in the Threat Detection Engineering course, you will build and deploy high-quality detection rules mapped to ATT&CK techniques across attack chains.

Architecture Decision Records

MSA students produce a portfolio-grade architecture package with ADRs, risk registers, and executive summaries.

Free Learning Resources

Every course's first module is free to preview, with hands-on exercises and real deliverables. Try it, then decide.

KQL: Inbox Rule Forwarding Detection
// Detect inbox rules that forward mail externally
// Maps to MITRE T1114.003 - Email Collection
OfficeActivity
| where Operation in ("New-InboxRule", "Set-InboxRule")
| where Parameters has_any ("ForwardTo", "ForwardAsAttachmentTo",
    "RedirectTo")
| extend ForwardTarget = tostring(Parameters)
| where ForwardTarget !has "@northgate-eng.com"
| project TimeGenerated, UserId, Operation,
    ForwardTarget, ClientIP
Architecture Decision Record

ADR-007: Require Phishing-Resistant MFA for Privileged Roles

Status: Accepted

Context: 23 Global Admins use SMS/phone MFA. AiTM attacks bypass these methods. Two confirmed attempts in Q1.

Decision: Deploy FIDO2 security keys for all privileged roles. Block legacy MFA methods via Conditional Access.

Consequence: Hardware cost ~$1,840. Eliminates AiTM credential theft for admin accounts.

These are real course artifacts. The detection rule is from Threat Detection Engineering. The ADR is from Microsoft 365 Security Architecture.

The Shift

Before and After

You Google KQL queries during incidents and hope the syntax is right.

Your team has detection rules running in production that they wrote, tested, and tuned.

Architecture decisions are verbal. When the auditor asks why, you reconstruct from memory.

Every architecture decision is documented in an ADR. The auditor reads it and moves on.

Your security policies are templates from the internet with your logo on top.

Your governance documentation was built by practitioners who understand your controls.

Preview Any Course.

Every course's first module is free to preview right now. No account, no card, no trial timer. See the teaching quality, try the exercises, then decide.

Browse Courses Free Document Samples
From $179/year for training · From $497 for documentation · See full pricing →