Hey everyone 👋,
I’m still not sure how to categorize this article and might change it later—we’ll see. I do intend on creating a series about infosec content beyond CTFs, i.e.: Active Directory, Home Labs, and Malware Analysis to name a few. So, naturally, I decided to create a series called Infosec and place this article inside it. Let me know in the comments if you think this is a good place for content like this or if I should categorize it elsewhere. Nonetheless, let’s get straight to it.
A couple of weeks ago I wrote an article summarizing “My Journey in Cybersecurity Up to Now” and I feel like I should do a follow-up to this by laying out my thought process and overall perspective of things. First, I’ve decided to go back to the basics and enroll in the eLearnSecurity Junior Penetration Tester (eJPTv2) certification/course. I honestly feel the struggle of retaining penetration testing techniques and don’t feel like I quite have a strong foundation, yet. Although I seem to do decent in CTFs and will continue to supplement my learning by blogging about them, I realize penetration testing should not be compared to these environments. Ultimately, my goal is to retire from the Air Force in a few years and transition into the infosec industry; however, for me to do this I need to be strong at the core. So, rather than pursuing the Professional Network Penetration Tester (PNPT) certification by TCM Security right now, I am shelving my test voucher and will be taking a gradual approach to this space by moving in small increments as I gain more confidence – kind of like the boiling frog analogy.
So why this post? Well, it’s important we're honest with ourselves and not compare or measure our knowledge and success based on others around us. I’m guilty of this. I see all the time on my LinkedIn people passing complicated certifications, posting successful bug bounties, and getting hired by a company to do a sweet penetration testing job. I’m extremely happy for these people and sort of place them on a pedestal—which has become blinding and negating to my learning and growth and could be doing the same for yours. Take a step back and develop your timeline based on your wants, desires, and needs. But don’t sacrifice personal time for yourself, your family, or your friends. You’re important and so are the people around you. Trust me, they want to see you succeed as much as you do, but they also want to be in the picture with you. Balance is key and it will benefit your learning capacity. Cramming information leads to study overload and will do more harm than good. After all, the frog that was slowly introduced to warmer waters didn’t realize it right away, compared to the other frog that was immediately dumped in boiling water.
Your drive to learn and become better in whatever it may be: ethical hacking, programming, art, speaking, etc… will happen if you want it. But be mindful not to overstudy and don’t let other successes keep you from getting a full eight hours of sleep, going to the gym, eating healthy, and hanging out with your loved ones. Finally, I want to add that you should be having fun with this. If these subjects are something you are passionate about, then turn that energy into a positive one and have a good time. Create something cool, beautiful, or helpful. Just remember to stay true to yourself and take your time learning.
Thank you for coming to my TED talk.