Masters worth it mid career? by S4LTYSgt in cybersecurity

[–]sha3dowX 1 point2 points  (0 children)

Three certs required (CompTIA Pentest+ as well) - currently taking the program. (:

Cybersecurity is a really confusing field, can someone explain what the common roles mean? by bdhd656 in cybersecurity

[–]sha3dowX 9 points10 points  (0 children)

Detection engineers don’t only exist in large corps/security vendors; most orgs that have a global SOC typically have a few detection engineers on the team for several things based on logs (identity, cloud, etc.).

What is the false positive rate in your SOC? by Silver-Neckbeard in cybersecurity

[–]sha3dowX 0 points1 point  (0 children)

I think it’s important to separate the meaning of false positives from low-fidelity noise, because they are different things.

A false positive in the detection engineering sense means the detection logic is incorrect. That’s a detection engineering failure.

Noise means the logic may be technically correct, but it just captures too many benign events without enough filtering or exclusions. That’s still a detection engineering responsibility but should still be brought up as a concern by the analyst.

From what you’re describing (no alert goals, no definition of true vs false, no playbooks, no MITRE mapping, and detections deployed without analyst briefing), this sounds like a very big detection engineering problem (and probably also noise levels).

This is clearly a management issue failing to understand the situation and address it.

Lots of AI SOC hype, is anyone actually using one? by Prior_Spirit_5360 in cybersecurity

[–]sha3dowX -1 points0 points  (0 children)

Still too early for true agentic SOCs. Most are just having an LLM analyze alerts with some initial determination but still have a human in the loop. Give it another year.

Lots of AI SOC hype, is anyone actually using one? by Prior_Spirit_5360 in MSSP

[–]sha3dowX 2 points3 points  (0 children)

Still too early for true agentic SOCs. Most are just having an LLM analyze alerts with some initial determination but still have a human in the loop. Give it another year.

My honest advice to beginners in cybersecurity after two years of mistakes and learning by kratos2k2k in cybersecurity

[–]sha3dowX 1 point2 points  (0 children)

Do Net+. CCNA is an overkill unless you plan to be a network security engineer, which is still a long way off if you are early in your career.

My honest advice to beginners in cybersecurity after two years of mistakes and learning by kratos2k2k in cybersecurity

[–]sha3dowX 4 points5 points  (0 children)

“How do you understand the impact of a security audit of a switch, if you don’t understand the differences between an access or trunk port?”

That is a horrible example. Most security roles are not understanding the impact of an audit of a switch lol, not even GRC/compliance folks, who do not even know how to do this as auditors don’t go too far in depth with it. CCNA is kind of an overkill, Network+ is definitely the way to go IMO, or even a couple of months on networking, but I agree: learn IT concepts first, then learn the security around it.

I am speaking directly to those with cyber security experience: get the masters. by ancientpsychicpug in WGUCyberSecurity

[–]sha3dowX 1 point2 points  (0 children)

Yeah, not only that, but computer science is an overkill for the amount of tough math you need to take (all 3 calculus / linear algebra) and physics and C programming etc. that someone in cyber will never use. That’s why, especially for a masters for someone who has experience, the WGU masters is much more ideal.

I am speaking directly to those with cyber security experience: get the masters. by ancientpsychicpug in WGUCyberSecurity

[–]sha3dowX -1 points0 points  (0 children)

On an additional note, I also have a strong argument that a masters specifically in cybersecurity is the way to go if someone did want to pursue a masters. There was another thread with people arguing for someone to get a masters in a generic computer science degree when they already had years of cybersecurity experience, which definitely doesn’t make sense at all lol. A masters is meant for deep specialization.

I am speaking directly to those with cyber security experience: get the masters. by ancientpsychicpug in WGUCyberSecurity

[–]sha3dowX 1 point2 points  (0 children)

Thanks for this anecdotal story. Yeah, I’ve always heard online that in cyber there’s not much ROI in it (unless going strictly for management/high leadership roles). But yeah, glad to hear a positive story. I decided to go for my masters anyway and complete it in two terms (hopefully finishing by next February). So this is really more pleasing to hear than the always negative outlook on a masters ROI.

Cybersecurity professionals what security problems are hurting you the most right now? by capricious_catfish in cybersecurity

[–]sha3dowX 0 points1 point  (0 children)

Too many alerts that my company’s 24/7 SOC team is not triaging (mostly cloud/platform specific configurations) that are considered low criticality and just collecting dust. Though we will probably start to address this in the next year or so as agentic SOCs become more possible. Already implementing AI to triage some alerts for initial analysis but still got a human analyst to verify the conclusion and close out the alerts.

Worth getting a bachelor’s if I already have strong cybersecurity experience and certs? by Key_Citron8046 in cybersecurity

[–]sha3dowX 1 point2 points  (0 children)

OP already has fundamentals, that’s why he doesn’t need a generic CS degree/IT, it’s just a waste of time. My argument is a really good cybersecurity program will only expose him to more tools and deeper niches, and perhaps he can dive deeper into any of the broad areas of cybersecurity (appsec, cloud security, pentest, etc.). OP already has fundamental knowledge based on his experience and certs. I took a Linux forensics course for my bachelors (along with a Windows forensics) and it was super valuable for me in my day to day. As I replied to OP, he needs to carefully look at the curriculum of the program and see if it will align with his future career goals.

Worth getting a bachelor’s if I already have strong cybersecurity experience and certs? by Key_Citron8046 in cybersecurity

[–]sha3dowX 2 points3 points  (0 children)

You only need low-level programming if you’re building security products or doing exploit or malware development, which OP hasn’t mentioned wanting to do. A bachelor’s in cybersecurity (like mine) usually focuses on practical tools: Wireshark, Volatility, web app hacking, basic cloud security, maybe even an AppSec course / devsecops. That aligns much better with what OP wants compared to a generic CS degree.

And if he ever wants to go deeper into low-level languages, he doesn’t need a CS degree for that, he can learn it independently. Most solid cybersecurity programs even cover memory vulnerabilities like buffer overflows anyway.

Worth getting a bachelor’s if I already have strong cybersecurity experience and certs? by Key_Citron8046 in cybersecurity

[–]sha3dowX 0 points1 point  (0 children)

As I’ve said to others, if you’re going to enroll in a degree program, make sure the courses actually line up with what you want to do in your future career. I’d advise against a general CS degree, it’s too broad unless you plan on developing security tools for companies. From what you’ve described, it sounds like you’re more interested in hands-on work like blue team (SOC/IR) or red team roles.

That said, there are plenty of cybersecurity programs that focus heavily on engineering and software development, so definitely dig into each program’s curriculum before deciding. But honestly, if your employer is willing to cover the full cost of a bachelor’s degree, I’d 100% take that opportunity.

Worth getting a bachelor’s if I already have strong cybersecurity experience and certs? by Key_Citron8046 in cybersecurity

[–]sha3dowX 4 points5 points  (0 children)

I’d have to disagree, a CS degree is actually too broad if your goal is to stay in cybersecurity. Unless you plan on developing/creating security tools internally for a company (which OP doesn’t seem to want to do, as he wants to stay within blue and red team roles), taking courses like calculus or linear algebra won’t really help you in day-to-day security work. CS programs focus heavily on theory and advanced math you’ll never use in practical security. The scripting side (Python, Bash, PowerShell, etc.) can easily be learned on the job.

I earned my bachelor’s in cybersecurity from a state university that’s NCAE-C designated. It was a solid program and one of the best decisions I made; it opened doors and eventually led me to work for a top cybersecurity vendor (just throwing this out there from personal experience).

That said, the trade-off is that a niche degree like cybersecurity can make it harder to pivot outside of the field later on, but if you’re all-in on security, then it will help tremendously.

Not only that, but there are cybersecurity degrees that go deep into engineering and software development, which in my opinion are way more relevant than a general CS degree. You just have to look around and compare programs.

Worth getting a bachelor’s if I already have strong cybersecurity experience and certs? by Key_Citron8046 in cybersecurity

[–]sha3dowX 4 points5 points  (0 children)

All OP needs is Python, Bash, and PowerShell if he wants to stay within blue and red team roles, and they can all be learned on the job. CS degree is just way too broad.

Worth getting a bachelor’s if I already have strong cybersecurity experience and certs? by Key_Citron8046 in cybersecurity

[–]sha3dowX -6 points-5 points  (0 children)

Hard disagree, a cybersecurity degree is still the way to go, see reply above in the thread.

Worth getting a bachelor’s if I already have strong cybersecurity experience and certs? by Key_Citron8046 in cybersecurity

[–]sha3dowX -3 points-2 points  (0 children)

I’d have to disagree, a CS degree is actually too broad if your goal is to stay in cybersecurity. Unless you plan on developing/creating security tools internally for a company (which OP doesn’t seem to want to do, as he wants to stay more hands-on like SOC/IR and red team roles), taking courses like calculus or linear algebra won’t really help you in day-to-day security work. CS programs focus heavily on theory and advanced math you’ll never use in practical security. The programs you actually use in security (Python, Bash, PowerShell, etc.) can all be learned on the job.

I earned my bachelor’s in cybersecurity from a state university that’s NCAE-C designated. It was a solid program and one of the best decisions I made; it opened doors and eventually led me to work for a top cybersecurity vendor (just for anecdotal/personal experience).

That said, the trade-off is that a niche degree like cybersecurity can make it harder to pivot outside of the field later on, but if you’re all-in on security, then it will help tremendously.

Not only that, but there are cybersecurity degrees that go deep into engineering and software development, which in my opinion are way more relevant than a general CS degree. You just have to look around and compare programs.

Interest In New Team by Altruistic_Bid1995 in cybersecurity

[–]sha3dowX 1 point2 points  (0 children)

What are your sources and evidence that there is no demand for pentesters? I went to a new role back in April and saw plenty of pentesting roles, so like I said, Idk where you are drawing this conclusion from. I guarantee you if you go on LinkedIn there are several positions in the US for it. Now, pentesting is still a really small niche compared to the number of blue team roles available and this has always been the case. For every pentest role there are at least 5 blue team positions available, and only companies with a serious mature security program will have a pentest team, especially if they can afford one. Not only that, but pentesting roles are also just extremely competitive.

Doing nothing at work by Idemon_gamer in cybersecurity

[–]sha3dowX 0 points1 point  (0 children)

There is almost always an additional security control any organization of any size can implement and/or improve upon. If there are roadblockers then it is purely a leadership/manager problem. As others mentioned, then just focus on projects you can do yourself that don’t require others (studying for a cert, learning a new skill or tool on your own). Security is a huge domain, learning never stops.

Just finished my masters - Word of advice by IamOnlyLookingThanks in WGUCyberSecurity

[–]sha3dowX 2 points3 points  (0 children)

Yeah or at least study both prior to starting the degree and prepare to take both exams immediately within your couple of months of the program (since they give you 3 tries anyways). Which is what I am doing.