Skip to content
Level 0 – The Courtyard of Curiosity
Level 0 Progress:🔹🔹⬜⬜⬜⬜⬜⬜⬜⬜
🔹🔹⬜⬜⬜⬜⬜⬜⬜⬜
📖 Field Notes
🧙♀️ Journal Entry – Day 1: The Gate Opens
This is where it began.
The dungeon gates loomed before me — not sealed with chains or guarded by fire, but cluttered with forgotten documents, expired passwords, and ancient file structures. The Courtyard was no battlefield. It was a graveyard of good intentions — a place of small steps, fast wins, and the quiet discipline of habit.
I didn’t know much then, only that the realm needed order.
The gate creaked open with a sound older than policy itself. Vines of forgotten frameworks twisted around crumbling statues of former champions, their names long worn away by time — and neglect. Broken signs. Expired certificates. Post-it notes still clinging to aging monitors like cryptic glyphs of a lost civilization.
You step into the Courtyard of Curiosity, the first chamber of the dungeon. It's quiet, but not silent. The wind carries soft murmurs — half-spoken acronyms, rustling awareness posters, and campaign whispers that never reached their audience. Scrolls lie half-buried beneath moss. A faded banner flaps weakly from a stone archway:
“What you don’t know... can audit you.”
There’s no great fanfare here. Just you, a handful of simple quests, and the hum of potential in the air. My first spells were humble — reminders sent to colleagues, old drives cleaned, personal passwords updated — but they sparked something real. A sense of agency. The first flickers of discipline.
A low hum stirs the stones beneath your feet, faintly responding to your intent. It’s not magic — not the dramatic kind — but it is powerful.
This is where it begins.
Before risk can be faced, before dragons can be slain, before frameworks can be conquered... one must first ask:
What does my kingdom even look like?
🧠 Dungeon Purpose
The Courtyard of Curiosity represents the onboarding, context gathering, and early self-awareness stage of compliance.
Before any policies are created, controls mapped, or risks assessed, an organization must learn to observe itself clearly. This level ensures stakeholders understand:
This level often includes groundwork like assigning roles, mapping existing documentation, selecting frameworks, and initiating culture-building.
📜 Quest Log
Status
Quest Name
Description
Assigned Class
Assigned To
Completion Date
Complete?
Not Started
Send a Fun Security Reminder to Your Team
Share a meme or tip about phishing, MFA, or passwords in Slack/email.
🔮 Awareness Sorcerer
Complete ✅
Not Started
Update Your Own Passwords
Walk the talk—rotate your own creds in a secure password manager.
🏹 IAM Ranger
Complete ✅
Not Started
Watch a 10-Minute Security Training Video
Stay sharp—watch something relevant from YouTube or a vendor library.
🔮 Awareness Sorcerer
Complete ✅
Not Started
Log in to Your SIEM or Dashboard (Just to Check)
Visibility matters. Even a casual look helps keep the village safe.
👁️ Logging Watcher
Complete ✅
Not Started
Clean Up an Old Shared Drive Folder
Delete/archive that dusty directory no one touches but everyone fears
🧑🌾 Asset Druid
Complete ✅
Complete
Test Restoring a File from Backup
Grab a file from backup and walk through the restore process to confirm it's usable.
🧝 IR Paladin
🎉 DONE! 🎉
Not Started
Review One Outdated Policy
Pick any dusty doc, review it for accuracy, and mark it for future updates.
🧙 Policy Mage
Complete ✅
Not Started
Identify a Shadow IT Tool
Find something your team is using that isn’t in your asset inventory
🧑🌾 Asset Druid
Complete ✅
Not Started
Share an Awareness Resource Internally
Post a checklist, blog or infographic that helps others get smarter
🔮 Awareness Sorcerer
Complete ✅
Not Started
Add Two New Risks to Your Risk Register
Think creativity - what’s a risk no one’s thought of yet?
🛡️ Risk Barbarian
Complete ✅
Not Started
Review MFA Settings for Your Main Accounts
Log into key accounts and verify that MFA is enabled and functioning.
🏹 IAM Ranger
Complete ✅
Not Started
Host a “Lightning Talk” on a Security Topic
10-minute meeting or huddle. Get nerdy, be helpful
🔮 Awareness Sorcerer
Complete ✅
Not Started
Create a Personal Security Cheatsheet
Draft a 1-pager with your own security best practices, bookmarks, or tools.
🔮 Awareness Sorcerer
Complete ✅
Complete
Draft a “Security 101” doc for new hires
Write a simple internal doc or Notion page with onboarding security basics.
🦉 Lorekeeper
🎉 DONE! 🎉
No results from filter
Want to print your doc?
This is not the way.
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.