← Dashboard

roadmaps / cybersecurity

How to become a cybersecurity analyst

A practical, stage-by-stage path from beginner to hireable in cybersecurity — the fundamentals, hands-on hacking labs, and the certs that open doors. Free resources at every step.

updated jul 2026·8 stages·~8–14 months at a steady pace
$ how this roadmap works
Work the stages in order — you can't secure systems you don't understand, so foundations come first.
Every resource is free. The hands-on labs matter most: security is a skill you build by doing.
Only ever test systems you own or are explicitly authorized to assess. The labs here are legal by design.

Cybersecurity is one of the most in-demand, best-paid fields in tech, with a huge talent shortage and a clear path in that doesn't require a degree — it's judged on skills. The mindset is what matters: assume everything can be attacked, then learn how. The fastest way in is a mix of fundamentals and hands-on practice in safe, legal environments built for exactly that. These eight stages take you from "what's a firewall?" to landing your first security role.

STAGE 01 / 08

IT & networking foundations

You can't defend what you don't understand. Start with core IT and networking: how computers, servers, and the internet actually work — DNS, HTTP(S), TCP/IP, ports, routing, and firewalls. Understanding how a request travels the network is the mental model behind almost every attack and defense.

This is the single most important foundation in security. Give it real time before moving on.

SKILLSTCP/IP & DNSports & protocolsfirewalls & routing

STAGE 02 / 08

Linux & the command line

Security work happens on the command line, and most tools and servers run Linux. Get fluent: the file system, permissions, processes, users, and the everyday commands. Learn a little Bash scripting too — automating tasks is a core security skill.

The best way to learn is by playing. OverTheWire's Bandit teaches Linux and SSH through a legal, addictive set of challenges.

SKILLSLinux command linepermissions & usersBash scripting

STAGE 03 / 08

Security fundamentals

Now the security concepts themselves: the CIA triad (confidentiality, integrity, availability), common threats and attack types, cryptography basics, authentication, and how defenders think. A structured course ties it all together and gives you the vocabulary every security role assumes.

The Google Cybersecurity Certificate is an excellent, beginner-friendly on-ramp that covers the whole landscape.

SKILLSCIA triadthreats & attackscrypto basicsauthentication

STAGE 04 / 08

Hands-on hacking labs

Theory only gets you so far — security is learned by doing. Thankfully there's a whole ecosystem of free, legal environments built to be attacked. TryHackMe is the friendliest on-ramp with guided rooms; picoCTF offers self-paced capture-the-flag challenges. This is where it clicks.

Practice consistently here — the hands-on skill you build is exactly what employers and certifications test.

SKILLSTryHackMecapture the flagenumeration

STAGE 05 / 08

Web application security

The web is the biggest attack surface there is, making web security one of the most valuable specialties. Learn the standard risks — SQL injection, XSS, broken access control — via the OWASP Top 10, then practice exploiting and fixing them in the world-class (and free) PortSwigger Web Security Academy.

This skill alone can land a job; it's in demand everywhere software is built.

SKILLSOWASP Top 10SQL injection & XSSBurp Suite

STAGE 06 / 08

Network security & tools

Get fluent with the tools every practitioner uses daily. Wireshark lets you inspect network traffic packet by packet; Nmap discovers and maps hosts and services. Learn to read traffic, spot what shouldn't be there, and understand how attackers probe a network.

These are the instruments of the trade — being comfortable with them is expected in any security role.

SKILLSWiresharkNmaptraffic analysis

STAGE 07 / 08

Certifications

Cybersecurity is a certification-heavy field, and the right cert gets you past résumé filters. CompTIA Security+ is the standard entry-level credential that many analyst jobs list by name. As you specialize, credentials like the CEH or offensive-security certs signal deeper skill.

You don't need many — one well-chosen cert plus hands-on lab experience is a strong combination for a first role.

SKILLSCompTIA Security+exam preparation

STAGE 08 / 08

Specialize & land the job

Security is broad — pick a direction as you go deeper. Blue team (defense, SOC analyst, incident response), red team (offensive, penetration testing), application security, cloud security, or governance and compliance. A focus makes you memorable and gives your learning a goal.

Then land it: keep a public record of your lab work and write-ups, build a presence in the community, and prepare for interviews. Entry roles like SOC analyst are common first jobs. You're ready when you can explain how an attack works — and how you'd stop it.

SKILLSblue vs red teamwrite-ups & portfoliointerview prep

Keep going

Go deep on any stage with the full cybersecurity study lists.