Signals
Monitoring NVD, CISA KEV, EPSS and the Dragons Community ransomware tracker in near-real time

Guides

Topic-based security guides from beginner to advanced.

Total: 12 · Topics: 7 · Beginner: 3 · Advanced: 1

Intermediate · Threat Intelligence

Fancy Bear Hackers: A Research-Based Overview of APT28

A defensive, research-based overview of Fancy Bear (APT28): who the group is, how it is tracked, who it targets, the major incidents publicly attributed to it, and the practical lessons for defenders.

threat-intelligence · apt28 · fancy-bear · russia · espionage
Beginner · Vulnerability Management

Getting Started with Vulnerability Management

Foundational guide for teams beginning a vulnerability management program. Covers asset discovery, scanner selection, risk-based prioritization and remediation workflows.

vulnerability-management · getting-started · scanning
Intermediate · Threat Intelligence · Pro

Building a Threat Intelligence Workflow

Step-by-step guide for establishing a threat intelligence collection and analysis workflow. Covers source selection, normalization, enrichment and dissemination.

threat-intelligence · workflow · analysis
Intermediate · Ransomware Response

Ransomware Response: First 48 Hours

Practical guide for the critical first 48 hours of a ransomware incident. Covers initial containment, evidence preservation, communication protocols and recovery planning.

ransomware · incident-response · containment
Beginner · AI Security

AI Security for Defenders

Introduction to AI security concepts for defensive security teams. Covers prompt injection, model poisoning, adversarial inputs and AI supply chain risks.

ai-security · defenders · prompt-injection
Beginner · Cloud Security

Cloud Security Fundamentals

Essential cloud security guide covering shared responsibility, identity and access management, network isolation, encryption and compliance monitoring across major cloud providers.

cloud-security · fundamentals · iam
Intermediate · SOC Workflows · Pro

SOC Analyst Runbook: Alert Triage

Practical runbook for SOC analysts handling alert triage. Covers severity classification, enrichment steps, escalation criteria and false positive identification.

soc · alert-triage · runbook
Advanced · Privacy · Pro+

Privacy Engineering for Security Teams

Advanced guide connecting security practices to privacy requirements. Covers privacy by design, data minimization, retention policies and cross-functional collaboration.

privacy · privacy-engineering · data-minimization
Intermediate · SOC Workflows · Pro

Threat Hunting with MITRE ATT&CK

A hypothesis-driven threat hunting guide that uses the MITRE ATT&CK framework to proactively search telemetry for adversary behavior, then convert successful hunts into durable detections.

threat-hunting · attack · detection
Intermediate · AI Security · Pro

Securing LLM Applications: Prompt Injection and Defenses

A practical, defense-focused guide to hardening LLM-powered applications and agents against prompt injection, insecure output handling, and related OWASP LLM Top 10 risks.

llm-security · prompt-injection · owasp
Intermediate · AI Security · Pro

Defending Against AI-Powered Phishing and Deepfakes

Defend your organization against generative-AI-enhanced phishing, voice clones, and deepfake video by shifting to context-based detection, hardened email controls, out-of-band verification, and phishing-resistant authentication.

ai-security · phishing · deepfakes · social-engineering
Intermediate · SOC Workflows · Pro

AI-Assisted Detection and SOC Automation

A practical guide to using AI, machine learning, and automation to augment human SOC analysts in detection and response without surrendering judgment to the machine.

ai · soc-automation · detection-engineering