I know this may be a very general question, but there are so many resources I don’t know where to start.

I’m afraid with the free TryHackMe plan I’m limiting myself a lot.

I know portswigger trining, is it better than TryHackMe?

Am I better off starting directly with CTFs? If yes, which is the best to use? (overthewire, hackthebox …)

Is roadmap.sh reliable?

How important are the certificates? I am a tech illiterate but never cared about certificates.

Or as a last resort, is it better to start directly with hackthebox?

    • ursakhiin@beehaw.org
      link
      fedilink
      arrow-up
      2
      ·
      11 months ago

      I came across this today. This is excellent. I’ve already shared it with 2 people I know could benefit from it. Thanks for such a great write up.

  • siravious@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I am a former enterprise architect in the cybersecurity space as well as a former director of cybersecurity operations and now own a cybersecurity consultancy.

    My best advice is to ignore the tools for now. Understand the concepts of cybersecurity across all domains you can - from endpoint protection to privileged access management.

    You can pick up a lot of this during the prep for certifications like CompTIA’s or CISSP.

    Then whatever you find yourself most passionate about, find an entry level job in that discipline and that can be a way of starting “real world” exposure to the rest.

    I hope this helps in some way, and best of luck!