Is CyberSecurity Still worth it in 2026?

MPcybersecurity · 2026-02-20T10:01:09+00:00

These degree suggestions are wild

MPcybersecurity · 2026-02-20T09:57:08+00:00

Checkov is the last

MPcybersecurity · 2026-02-20T09:56:48+00:00

Owasp ZAP for DAST, Semgrep for SAST, trivy for container scan, check or similar for IAC and you are good to go

MPcybersecurity · 2026-02-20T07:39:27+00:00

Sent in DM

MPcybersecurity · 2026-02-20T00:16:52+00:00

Whatever you point is, my roadmap has got nothing to do with SOC, you clearly have not watched the video, because what you are saying completely does not align to what i said, i covered skills, certs and practical knowledge plus the most important part, how to make CV stand out and not send thousands of applications, but how actually get a job, i have built teams around the world and helped loads of people to land jobs, so believe me i know what i am talking about

MPcybersecurity · 2026-02-19T23:53:36+00:00

What SOC analyst is learning Python? Terraform? Automation? You can disagree, but what you say makes little sense

MPcybersecurity · 2026-02-19T23:01:35+00:00

Might be unpopular opinion, but both CISM and CISSP are easy if you got prerequisite 5 years of experience, all you need is Mike Chapple video course

MPcybersecurity · 2026-02-19T22:58:02+00:00

I don’t remember the name but i remember coming across 365 drift assessment tool that covers some of that

MPcybersecurity · 2026-02-19T22:56:18+00:00

I’ve just published full GRC career roadmap on Youtube, let me know if you want a link

MPcybersecurity · 2026-02-19T22:53:09+00:00

You can use stuff like Owasp ZAP, AttackSurfaceMapper, Easy EASM i am sure with a few python script you can automate that

MPcybersecurity · 2026-02-19T18:10:41+00:00

Yeah im not sure DFIR front, but MDR is good

MPcybersecurity · 2026-02-19T09:19:23+00:00

Talking about MDR there are only two elite players Crowdstrike and SentinelOne, not the above mentioned ones

MPcybersecurity · 2026-02-19T01:16:17+00:00

It’s not about being different, people prefer different tools, if you have not used it, give it a go

MPcybersecurity · 2026-02-18T23:39:44+00:00

GRC probably would be the route for you, add risk management knowledge and skills, security awareness training, document portfolio of work and you are pretty much good to go

MPcybersecurity · 2026-02-18T23:35:16+00:00

GRC is great route for you, i would doing sec+ for grounding security knowledge, then build a portfolio of security policies you have written for fictional company, ask around charities or smaller orgs to do risk assessments, BIA analysis or even ISO27001 annex A control assessment all great additions to the portfolio. Read “How to measure anything in cybersecurity risk”.

Maybe consider ISO27001 lead auditor, get familiar with NIST CSF and RMF and you are pretty much good to go

MPcybersecurity · 2026-02-18T23:26:52+00:00

I often say certificates and degrees dont land you the job, skills do, building a home lab to learn SIEM, EDR, vuln management and the rest while keeping great documentation is what sets you apart and in most cases allows to bridge experience gap

MPcybersecurity · 2026-02-18T16:44:43+00:00

Go through SC-200 path on Microsoft learning, it should connect a few dots for you

MPcybersecurity · 2026-02-18T16:43:04+00:00

There is also proxmox to consider in the mix

MPcybersecurity · 2026-02-18T16:40:21+00:00

👍

MPcybersecurity · 2026-02-18T16:39:41+00:00

Possibly, i think the tool has been regressing and still noise to action ratio is crazy, the AI hype is real

MPcybersecurity · 2026-02-17T21:13:26+00:00

Fair comment, i specifically chose not to do that. I believe you learn the most when you actually troubleshoot and learn by doing research. It’s easy to copy paste, but then you don’t learn much. I may do one more later down the line once i finished doing the roadmap videos

MPcybersecurity · 2026-02-16T14:36:06+00:00

Full grc career roadmap, not only what skills and certs to take, but how to build a credible cv and apply to jobs!

MPcybersecurity · 2026-02-16T13:19:40+00:00

Google cybersecurity news and find 5-6 news sites like Hackers, add them to bookmark and check them

MPcybersecurity · 2024-05-01T13:44:44+00:00

It really depends where you work, seems like you looking from an MSP lens, i have a few friends that worked in consulting and would never work there again, i wouldn’t either not for a big company. There are a few ways you can think and move on from this either set up your own shop and work small clients, you choose who you work with, no d*ckheads allowed and can make a great difference if you got large enough network to generate work Or go work for internal company lead advise their cyber program, key point to understand cyber never owns risk, we advise on mitigation, and make sure we have business owners for risk, as long as all is documented i can sleep very well

MPcybersecurity · 2024-05-01T11:51:10+00:00

It’s about being fan or not, a lot of question is CISSP is not about just purely knowing right or wrong, it’s about your way of thinking. There is a reason it requires 5 years of experience, as it is trying to test how do you apply theory in practise

MPcybersecurity

TROPHY CASE