import os

whoami

I'm Rick, above 35 years old, always tinkering like an engineer with various things, such as computers, electronics, random items that one can disassemble. My studies were about theater and I used to be a teacher in primary school. Founder in the vaping industry known at national level about my successful artisanal company, for which I brag about at every chance, even though I exited the market and quited vape. Have been working out periodically in heavy blue-colar jobs, because why not earn money while exercise. Passed briefly from sales, and customer service that buffed my soft skills even more.

pwd

I recently moved from south to central EU, and this is my blog.

nmap -vV blog

It's been only 3 months since I moved and I decided to write a blog about my journy in cybersecurity, express thoughts, worries, curiosities and fill my midnight hour writting text.

plaintext

It all began not long ago when I reunited with old friends and met new ones with them. I saw a group of 4 and a half to talk about security, about linux, CLIs and I was fascinated. I kindly asked to join and they accepted me besides my theoretical & artistic background. They had founded a start-up cybersecurity company just a year before I enter the team.

Well... Not from the first time, nor all of them, but it barely matters now!

So, I started with wrong baseline, studying and getting so much information, way above my experience that I burnt my brain after 3 months of 13-14h daily study. It was summer, I was then a school teacher, so my vacation time went all to study and many hours spent with my co-worker friends.
After almost a year of working with them in total, I decided that I will be back in the cybersecurity field stronger than ever. Without burning my brain, without pointless study material above my experience and understanding or unstructured path.

uname -v

My certificate timeline is a bit weird considering I started and managed to achieve CPTS 40%, without even having any fundamental knowledge about cybersecurity.
At the expiration of 2025, just before new year's eve I finished my IT Support professional certificate by Google, starting with the basics, understanding networks
2026 started with Google Cybersecurity professional certificate in my quiver, learning so much about the field of networks, risk identification and classification, working extensively on linux, learning python basics and rewiring my brain for automation.
Governance, Risk, and Compliance was a sector I had some experience due to seminars I wrote for and presented to corporate clients in the past, so I refreshed my memory and enhanced my knowledge taking the Kennesaw State Univeristy's GRC certification also on January.
Next morning I needed a break and though, why not reinforce my curriculum vitae with AI, and within 2 days I pushed for the Google Prompting Essentials, which was a fun to obtain certification, giving me extra tips about throughfully create really excellent inputs.

tail -f

Currently struggling with expanding my python skills with Microsoft's Python Development certificate, which will eventually lead me to automate most of my tasks and repetitive commands. I need to understand algorithms at this point, because believe me when I tell you maths wasn't really my strong point as a student.

Privacy and Standardisation by 28DGTL is a really nice way to interpret legal texts for technological solutions. GDPR for exanple is an easy concept when you search about it online, but trust me the legal documents are way more fascinating to read. Missing some parts from this certification, but I paused it to move further on my technical knowledge.

KodeKloud offers the DevOps Mastery Specialization certificate on Coursera, which is of course a certificate of participation since it's free, but I want to learn Ansiible. Its not so efficient timewise to take the 71h courses, which will easily will be between 60-80 due to "exam" items. But I like to gather knowledge, it will be useful at some point to have an idea about Terraform and DevOps than just learn "Ansible for the Absolute Beginners" in a 11h course.

I have all the time in my disposal for the next some months, so I kind of collect knowledge, certifications and build solid understanding, in my trial to conquer the cybersecurity field some day, and why not in 10-12 years climb up to the C-suite. Thats my humble ambition after all.

In my collective spree I have included the Information Systems Auditing, Controls and Assurance free certification by Hong Kong University of Science and Technology. This I have been only up to 5% so I have no personal opinion, although I read good reviews and it's just 9 hours to complete. It's supposed to be a comprehensive preparation about CISA or an equivalent recognised certification.

I logged today in my TryHackMe account after a 2 year absence. I mean, I like the ease of their platform, but I prefered HackTheBox's content where you either sink or swim. So, I completed the Pre Security (SEC0) path, and for the sake of gathering I booked the exam of it, which I'll pass first thing tomorrow. The comeback was strong and financialy inefficient because I booked in bundle the SEC1 certification.

For the sake of hands-on experience that you can get on THM, I will apply my current knowledge on the SEC1 which is probably supplementary to the Google's Cybersecurity, giving me confidence by practicing all the theory.

Certainly not last and for sure not least, PT1 the Penetration testing exam is booked, and I only need to complete the path to it. Hands-on labs to actually utilize tools and not only reading their manuals, with an exam that chews CEH and other recognised multiple choice questionair certifications for breakfast.
Yes it's cheap, yes it's new, but will give me the hands-on experience I lack and I will learn how to actually use the tools I read. I'm so excited about this one!

git clone

It makes much sense to have a github, or at least a blog site hosted there since it's free and won't have any earnings. I totally agree with you, Claude's honest and brutal opinion almost made me suffer briefly. Even though it's a catchy project, I don't have any interest to learn HTML, php or Markdown in depth. My blog will have the same text wherever it's hosted anyway. Therefore, I chose an AI generated solution with flaws to fix and maintain, conduct penetration testing to myself without anybody suing me. I can see the value to web designers or CS students, but not for me, at least not for the next 12 months!