Certifications, Learning Resources, and Next Steps

This is the final post in the Ground Up series. You’ve covered networking, operating systems, web security, cryptography, attack techniques, and defense. You know the career paths and have a lab to practice in.

Now the question everyone asks: what certifications should I get, and what do I study next?

Certifications: The Honest Take

Certifications aren’t a substitute for skills. But they do three things:

Get past HR filters - Many job postings require specific certs
Prove baseline knowledge - Especially when you lack professional experience
Structure your learning - Studying for a cert gives you a curriculum

The industry has mixed feelings about certifications. Some hiring managers care about them deeply. Others only care about what you can demonstrate. The safest approach: get the certs that open doors, but invest equally in hands-on skills.

Certification Roadmap

Tier 1: Foundation (Starting Out)

These validate foundational knowledge and are widely recognized for entry-level roles.

Certification	Focus	Cost	Notes
CompTIA Security+	Broad security fundamentals	~$400	Most requested cert for entry-level security jobs. Covers everything in this series at a surface level. DoD 8570 approved.
CompTIA Network+	Networking fundamentals	~$360	Useful if networking is weak. Not required if you already have strong network knowledge.
(ISC)² CC	Security fundamentals	~$250	Newer alternative to Security+. Free training materials from (ISC)².

Recommendation: CompTIA Security+ first. It’s the most recognized entry-level security certification and is often a hard requirement in job postings.

Tier 2: Specialization (1-2 Years In)

Once you have foundational knowledge and some experience, specialize based on your chosen path:

Offensive Security:

Certification	Focus	Cost	Notes
eJPT (INE)	Junior penetration testing	~$250	Hands-on exam, practical. Good stepping stone.
PNPT (TCM Security)	Practical penetration testing	~$400	Practical exam with report writing. Community favorite.
OSCP (OffSec)	Penetration testing	~$1,600+	Industry gold standard for pentesters. 24-hour practical exam. Difficult but respected.

Defensive Security:

Certification	Focus	Cost	Notes
CCD (CyberDefenders)	Cyber defense analyst	~$400	Practical blue team exam.
BTL1 (Security Blue Team)	Blue team operations	~$500	Hands-on, covers SIEM, IR, threat hunting.
SANS GIAC (various)	Specialized defense topics	~$2,000-9,000	Expensive but highly regarded. GCIH, GCIA, GCFA are top picks.

Cloud Security:

Certification	Focus	Cost	Notes
AWS Cloud Practitioner	AWS fundamentals	~$100	Start here for cloud knowledge.
AWS Security Specialty	AWS security	~$300	After cloud fundamentals.
AZ-500 (Microsoft)	Azure security	~$165	For Azure environments.

GRC:

Certification	Focus	Cost	Notes
CISA (ISACA)	Information systems auditing	~$575	Requires 5 years experience (waivers available).
CISM (ISACA)	Security management	~$575	Management-focused.
CISSP ((ISC)²)	Broad security management	~$750	Requires 5 years experience. Often called “a mile wide and an inch deep.”

Tier 3: Advanced (3-5+ Years)

Certification	Focus
OSEP (OffSec)	Advanced penetration testing, evasion
CRTO (Zero Point)	Red team operations with C2 frameworks
GCFA (SANS)	Advanced digital forensics
CCSP ((ISC)²)	Cloud security

These are for when you’ve been in the field for several years and want to validate deep expertise.

Free Learning Resources

You don’t need to spend thousands to learn. The best resources in security are free or affordable.

Structured Learning Paths

Resource	Best For	Cost
TryHackMe	Guided beginner paths, hands-on	Free tier + $14/mo
HackTheBox Academy	Structured modules with labs	Free tier + paid
PortSwigger Web Security Academy	Web application security	Free
Professor Messer	CompTIA exam prep videos	Free
Cybrary	Various security courses	Free tier + paid

Practice Platforms

Platform	Focus
OverTheWire	Linux, networking, crypto challenges
PicoCTF	Beginner CTF challenges
CyberDefenders	Blue team challenges
LetsDefend	SOC analyst simulation
Malware Traffic Analysis	PCAP analysis practice

Reading

Resource	What It Is
MITRE ATT&CK	Comprehensive attack technique reference
OWASP	Web application security standards and guides
Krebs on Security	Investigative security journalism
The Hacker News	Daily security news
Darknet Diaries	Security stories podcast

YouTube Channels

Channel	Focus
John Hammond	CTF walkthroughs, malware analysis
NetworkChuck	Networking and security basics
IppSec	HackTheBox walkthroughs (detailed)
The Cyber Mentor	Practical hacking courses
LiveOverflow	Binary exploitation, CTFs
13Cubed	Digital forensics and incident response

Building Your Profile

Certifications and knowledge matter, but so does demonstrating what you can do.

Start a Blog or Write-Ups

Document your learning. Write CTF walkthroughs, lab build guides, vulnerability analyses. This does three things:

Forces you to understand things deeply enough to explain them
Creates a public portfolio of your skills
Shows hiring managers you’re genuinely passionate about security

Contribute to Open Source

Security tools are often open source. Contributing shows practical coding ability and community involvement:

Fix bugs in security tools
Write detection rules for Sigma, YARA, or Snort
Contribute to documentation
Build small tools that solve a specific problem

Participate in CTFs

Capture The Flag competitions test practical skills in a competitive format:

CTFtime - Calendar of upcoming CTFs worldwide
PicoCTF - Always-available beginner CTF
NahamCon CTF - Annual beginner-friendly competition

Get Involved in Communities

Community	Where
r/cybersecurity	Reddit
r/netsec	Reddit (more technical)
InfoSec Discord servers	Various (TryHackMe, HackTheBox, BHIS)
Local BSides conferences	Security BSides
DEF CON groups (DC Groups)	defcon.org/dc-groups

BSides conferences are especially valuable - they’re affordable (often free), community-driven, and you’ll meet people who are hiring.

A Practical Plan: Your First Year

Here’s a concrete roadmap for your first year in cybersecurity:

Months 1-3: Foundation

Complete this series (done)
Set up your lab
Start TryHackMe’s Complete Beginner path
Begin studying for CompTIA Security+
Start a blog or notes repository

Months 4-6: Build Skills

Pass Security+
Complete 10+ TryHackMe rooms or HackTheBox machines
Start PortSwigger Web Security Academy (if interested in web/AppSec)
Write 3-5 blog posts or CTF write-ups
Join a community (Discord, Reddit, local meetup)

Months 7-9: Specialize

Choose your career path
Start path-specific training (eJPT for offensive, BTL1 for defensive, etc.)
Participate in a CTF
Start applying for entry-level positions (SOC Analyst, Junior Pentester, Security Analyst)

Months 10-12: Level Up

Pursue your Tier 2 certification
Build a more complex lab (Active Directory, monitoring stack)
Contribute to an open-source project
Attend a BSides or virtual security conference

Breaking In Without Experience

The hardest part of cybersecurity is the first job. “Entry-level” positions often ask for 2-3 years of experience. Here’s how to get past that:

IT experience counts. Help desk, system administration, network administration - all build transferable skills. Many security professionals started in IT.
Internships. Some companies offer security internships. Apply broadly.
Certifications compensate. When you lack experience, certifications prove you’ve studied.
Projects demonstrate skill. A lab, a blog, CTF rankings, and open-source contributions show you can do the work.
Network. BSides conferences, Discord communities, LinkedIn. Many jobs are filled through referrals.
Consider adjacent roles. SOC Analyst, IT Security Analyst, Compliance Analyst - these are genuine entry points, not detours.

The Series in Review

Here’s everything the Ground Up series covered:

Module	Posts	What You Learned
1: Networking	3	IP addresses, DNS, TCP/UDP, HTTP, ports, protocols
2: Operating Systems	3	Linux commands, permissions, Windows internals
3: How Things Break	4	Web apps, XSS, SQL injection, authentication attacks
4: Cryptography	2	Encryption, hashing, TLS, certificates
5: Attacker’s Playbook	6	Kill chain, recon, reverse shells, privesc, social engineering
6: Defender’s Playbook	3	Logs, SIEM, incident response, hardening
7: Getting Started	3	Career paths, lab setup, certifications

That’s 24 posts covering the core knowledge every cybersecurity professional needs. You’re not an expert - nobody is after reading a series. But you have the map, the vocabulary, and the foundation to go deeper in any direction.

References

This series gave you the foundation. What you build on it is up to you. The cybersecurity industry needs people who are curious, persistent, and willing to keep learning. If you made it through 24 posts about how computers break and how to defend them, you have all three. Go build something.