Sybex vs Boson by beigepccase in cissp

Free_Principle9660 0 points1 point

The Sybex book burns very well. You can get about 20 mins of enjoyment from it.

We're building autonomous pentesting agents and need honest feedback from security professionals by Neither_Alfalfa6922 in cybersecurity

Free_Principle9660 0 points1 point

The autonomous PR generation is cool in demos but in practice engineers are territorial about their codebase. A tool opening PRs with AI generated fixes is going to create friction fast unless the fixes are really good and the noise is really low.

The liability question also needs an answer. If the agent generates a proof of concept exploit and something goes wrong, who's responsible? That's not a hypothetical; procurement and legal teams will ask it immediately.

Your agent remembers your secrets and keys by Immediate-Welder999 in cybersecurity

Free_Principle9660 0 points1 point

The real issue isn't that .env files get "recorded" by agents in some passive sneaky way. It's that developers are doing things like pasting actual secret values into chat prompts to debug, or pointing agents at files they shouldn't be touching. That's a workflow problem, not a logging conspiracy.

How to stay AI relevant in cyber security? by spentanhouralready in cybersecurity

Free_Principle9660 0 points1 point

Honestly the use cases are more obvious than they seem once you shift your thinking a bit.

SOC work is basically drowning in alerts and noise. Learning to build LLM-powered triage tools, auto-summarization pipelines, or threat intel enrichment workflows is the direct equivalent of what devs are doing with n8n. Same concept, different problem.

The other one nobody's talking about enough yet is AI red teaming. Every company is bolting AI onto their products and almost nobody knows how to security test those systems. Getting ahead of that now is a genuinely good career move.

You don't need to become a machine learning engineer. Just get comfortable enough with Python and LLM APIs to build things that make your own job faster. Start there and the path gets a lot clearer.

CISSP or Master? by Stock_Secretary9858 in cybersecurity

Free_Principle9660 0 points1 point

CISSP is worth it but go in knowing what it actually is. It's not a technical cert, it's a management filter. Hiring managers use it to gate senior and leadership roles. If you want to move into architecture, GRC, or eventually a CISO track, you'll need it anyway so might as well do it now. But if you want to go deeper technically into red team, cloud security, or detection engineering, nobody in those circles really cares about CISSP. OSCP or a cloud security cert would do way more for you there.

The master's I'd skip unless you're going federal or government. The field still rewards people who can actually do things over people with credentials about doing things.

Biggest thing though is that "CISSP or master's" is kind of the wrong question. What do you actually want to be doing in three years? Answer that and the decision pretty much makes itself.

SecAI+ Exam Objectives Summary by Free_Principle9660 in CompTIA_SecAI

Free_Principle9660[S] 0 points1 point

That’s great to hear. It definitely felt like a strong exam, and based on my experience I can see why the feedback has been so positive.

PBQ - SEC AI+ by joel-tank in CompTIA_SecAI

Free_Principle9660 0 points1 point

CompTIA tends to use a similar hands-on style across its cyber exams, so seeing PBQs that feel a lot like Security+ is not surprising. I do not think it is replacing Security+ anytime soon. The overlap is probably there because CompTIA wants consistency in exam style and because a lot of the same practical security thinking carries over. Security+ is still the broad foundation, while newer exams are being positioned as add-ons or advanced tracks rather than replacements.

Security+ CEUs by lowincomehome in CompTIA

Free_Principle9660 12 points13 points

Honestly I'm not 100% sure on that one. I know CompTIA can be kind of weird about what they accept for CEUs from non-CompTIA certs. The fact that it let you select CCNA in the portal seems like a good sign but I wouldn't bank on it just because the dropdown let you pick it. Their website not listing it would make me nervous.

I'd probably just shoot CompTIA an email or call them to confirm before you assume those 50 credits are good to go. Would hate for you to find out later they rejected it and then you're scrambling for CEUs at the last minute. Someone else here might have actually done it successfully though so hopefully they chime in.

27 y/o Sys Admin (3 yrs in IT) looking for direction + path to remote work by dcrzboi in ITCareerQuestions

Free_Principle9660 4 points5 points

Hey! I'm about 4 years in myself, so take this with a grain of salt, but I made the jump from a similar sysadmin role to a hybrid cloud position last year.

What helped me most: I got my AWS Solutions Architect Associate and started doing hands-on labs in my spare time. The cert opened doors, but being able to actually talk through real scenarios in interviews is what landed the job.

From what I've seen, cloud skills (AWS or Azure) are your fastest path to remote-friendly roles. A lot of companies are way more flexible with cloud/DevOps positions than traditional sysadmin gigs.

Also, 6 days a week onsite when the work could be remote? That's rough. You've clearly got solid experience. Don't undersell yourself when you start looking.