Can a cybersecurity mentor or coach really help you break into or grow your career?

In this episode, we break down the difference between mentorship and coaching, why investing in guidance matters, and what a structured 6-month mentorship journey looks like.

We also share real success stories from our mentees—and why going it alone might be slowing you down.

Plus, we’re running a limited-time offer: Get our coaching Plus Plan ($119/month) for the price of the Starter Plan ($69/month) for six months—available to the first 10 sign-ups. Sign-up link provided below.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Connect with us and leave us feedback:

● Cybersecurity Mentors Podcast Swag: https://the-cybersecurity-mentors-pod.myspreadshop.com

● Mentorship - Sign up for a FREE session: https://www.cyberprofessionalservices.com/scheduling-free-consultation

● Sign up for our Newsletter: https://sendfox.com/lp/m2vx85

● Join us on Discord: https://discord.com/invite/g4yRKjnD78

● Follow our LinkedIn page: https://www.linkedin.com/company/cybersecurity-mentors-podcast

● Check out our YouTube channel for more content: https://www.youtube.com/@CybersecurityMentorsPodcast

● TCM Affiliate Link: https://certifications.tcm-sec.com/?ref=198

===========================================================================

Episode Resources:

● Mentorship and Coaching Promotional Sign Up #FIRST10

Link: https://www.cyberprofessionalservices.com/first-10

● CPS Mentorship/Coaching Pricing Plans

Link: https://www.cyberprofessionalservices.com/pricing

Send us fan mail via text

In Part 3 of our Mastering Cybersecurity series, we explore why learning how to hack isn’t just for red teamers — it’s a critical skill for defenders, too. Understanding offensive tactics can sharpen your defensive abilities, improve threat detection, and help you shift from reactive to proactive security.

Plus, having both offensive and defensive skills makes you more marketable in today’s cybersecurity job market, especially for roles that value versatility and hands-on experience.

We’ll also share practical ways to start learning these skills safely using your own home lab — no red team experience required.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Connect with us and leave us feedback:

● Cybersecurity Mentors Podcast Swag: https://the-cybersecurity-mentors-pod.myspreadshop.com

● Mentorship - Sign up for a FREE session: https://www.cyberprofessionalservices.com/scheduling-free-consultation

● Sign up for our Newsletter: https://sendfox.com/lp/m2vx85

● Join us on Discord: https://discord.com/invite/g4yRKjnD78

● Follow our LinkedIn page: https://www.linkedin.com/company/cybersecurity-mentors-podcast

● Check out our YouTube channel for more content: https://www.youtube.com/@CybersecurityMentorsPodcast

● TCM Affiliate Link: https://certifications.tcm-sec.com/?ref=198

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Episode Resources:

Recommended Certifications

PEH – Practical Ethical Hacking

Why recommend it:
Covers the full pentesting pipeline—network scanning, exploitation, privilege escalation, and more—with hands-on tools and labs.

Enroll here: https://certifications.tcm-sec.com/practical-ethical-hacking/?ref=198

PNPT – Practical Network Penetration Tester

Why recommend it:
TCM’s flagship certification simulates a real-world pentest engagement—from external recon to internal exploitation—and includes a full report and video walkthrough.

Enroll here: https://certifications.tcm-sec.com/pnpt/?ref=198

Hands-On Practice Platforms

TryHackMe – Offensive Path
Learn offensive security with guided, hands-on labs.
Link: https://tryhackme.com/

Hack The Box
Pentesting labs and real-world CTF challenges for all skill levels.
Link: https://www.hackthebox.com/

Tools to Explore

Kali Linux
A Linux distro made for penetration testing.
Link: https://www.kali.org/

Metasploit Framework
A powerful framework for exploitation and post-exploitation.
Link: https://docs.rapid7.com/metasploit/

Nmap
Powerful network scanning tool
Link: https://nmap.org

Send us fan mail via text

In this episode, we chat with Carson Sallis, Senior Offensive Security Engineer and Vulnerability Researcher at NVIDIA. Carson walks us through a day in the life of a pentester and shares actionable advice for anyone looking to break into offensive security. He also gives a live demo of fuzzing with AFL (American Fuzzy Lop) and explains how tools like this are used in real-world vulnerability research.
Whether you're just starting out or looking to sharpen your red team skills, this episode is full of insights you won’t want to miss.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Episode Resources:

GitHub: https://github.com/cybersecmentors/season_3_ep_6

Guest: Carson Sallis

Follow Carson and connect for updates, demos, and career insights.

LinkedIn: https://www.linkedin.com/in/carson-sallis/

Fuzzing Tools & Resources

· AFL (American Fuzzy Lop)
The fuzzing tool featured in Carson's demo.
Link: https://lcamtuf.coredump.cx/afl/

· AFL++
An advanced fork of AFL with modern features.
Link: https://github.com/AFLplusplus/AFLplusplus

· Fuzzing: Brute Force Vulnerability Discovery (Book)
A foundational guide for learning fuzzing.
Link: https://nostarch.com/fuzzing

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Connect with us and leave us feedback:

1. Cybersecurity Mentors Podcast Swag: https://the-cybersecurity-mentors-pod.myspreadshop.com
2. Mentorship - Sign up for a FREE session: https://www.cyberprofessionalservices.com/scheduling-free-consultation
3. Sign up for our Newsletter: https://sendfox.com/lp/m2vx85
4. Join us on Discord: https://discord.com/invite/g4yRKjnD78
5. Follow our LinkedIn page: https://www.linkedin.com/company/cybersecurity-mentors-podcast
6. Check out our YouTube channel for more content: https://www.youtube.com/@CybersecurityMentorsPodcast
7. TCM Affiliate Link: https://certifications.tcm-sec.com/?ref=1

Send us fan mail via text

In this episode, Steve and John dive into why securing systems is a must-know skill in cybersecurity. Learn the basics of system hardening, access control, and logging, plus practical tools and labs to get hands-on. They also explore how AI can boost your defense game — and why thinking like both an attacker and defender will set you apart.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Episode Resources:

Hands-On Labs & Platforms

1. TryHackMe
   • Labs: Intro to Windows, Hardening, Linux Privilege Escalation, Pre-Security Path
   • Great for learning system hardening and exploitation from both Red and Blue perspectives.
   • Link: https://tryhackme.com
2. Hack The Box Academy
   • Modules on Windows/Linux fundamentals, Active Directory hardening, and network security.
   • Link: https://www.hackthebox.com/
3. Cyber Defenders
   • Real-world challenges with system logs, hardening tasks, and detection engineering.
   • Link: https://cyberdefenders.org/

Security Benchmarks & Guides

1. CIS Benchmarks
   • Free hardening guidelines for Windows, Linux, macOS, network devices, and cloud platforms.
   • Link: https://www.cisecurity.org/cis-benchmarks
2. Microsoft Security Baselines
   • Microsoft’s official security settings for Windows 10/11, Server, Office, and more.
   • Link: https://learn.microsoft.com/en-us/windows/security/threat-protection/windows-security-baselines

Tools & Scripts

1. Windows Hardening Guide by Debloat Windows
   • Open-source PowerShell scripts to harden Windows easily.
   • Link: https://github.com/ChrisTitusTech/win10script
2. Lynis (Linux Hardening Audit Tool)
   • CLI tool that scans Linux systems and gives a security score with suggestions.
   • Link: https://cisofy.com/lynis/
3. Ansible Lockdown Roles
   • Prebuilt automation scripts for applying CIS hardening via Ansible.
   • Link: https://github.com/ansible-lockdown/

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Connect with us and leave us feedback:

1. Cybersecurity Mentors Podcast Swag: https://the-cybersecurity-mentors-pod.myspreadshop.com
2. Mentorship - Sign up for a FREE session: https://www.cyberprofessionalservices.com/scheduling-free-consultation
3. Sign up for our Newsletter: https://sendfox.com/lp/m2vx85
4. Join us on Discord: https://discord.com/invite/g4yRKjnD78
5. Follow our LinkedIn page: https://www.linkedin.com/company/cybersecurity-mentors-podcast
6. Check out our YouTube channel for more content: https://www.youtube.com/@CybersecurityMentorsPodcast
7. TCM Affiliate Link: https://certifications.tcm-sec.com/?ref=1

Send us fan mail via text

Craig Sheffield shares his unconventional journey transitioning from teaching English in Taiwan to pursuing a cybersecurity career, highlighting how his background in music and audio engineering provided unexpected transferable skills. He also shares his candid experiences with the TryHackMe Security Analyst Level 1 certification.

Episode Resources:

• Craig’s LinkedIn page - https://www.linkedin.com/in/sheffieldcraig/
• Craig’s Github page with his project breakdown - https://github.com/ideafieldpro
• Chris Romano's site for his SOC academy - https://sites.google.com/careerup.tech/careerup-tech
• John Strand and the Black Hills team do Pay What You Can courses - https://www.antisyphontraining.com/
• Free Anki flashcards decks for certification exams (no SAL1) from Josh Madakor - https://lognpacific.com/free-certification-practice-tests/
• MyDFIR youtube channel with projects and career advice - https://www.youtube.com/@MyDFIR

Connect with us and leave us feedback:

• Cybersecurity Mentors Podcast Swag: https://the-cybersecurity-mentors-pod.myspreadshop.com
• Mentorship - Sign up for a FREE session: https://www.cyberprofessionalservices.com/scheduling-free-consultation
• Sign up for our Newsletter: https://sendfox.com/lp/m2vx85
• Join us on Discord: https://discord.com/invite/g4yRKjnD78
• Follow our LinkedIn page: https://www.linkedin.com/company/cybersecurity-mentors-podcast
• Check out our YouTube channel for more content: https://www.youtube.com/@CybersecurityMentorsPodcast
• TCM Affiliate Link: https://certifications.tcm-sec.com/?ref=198

Send us fan mail via text

In this episode, we delve into the often-overlooked yet fundamental importance of learning how to "build" systems, networks, and applications for cybersecurity professionals. Coining the philosophy "Build, Secure, Hack," we explore why hands-on experience in building provides an essential foundation for effectively securing and ultimately understanding how to hack those environments. We discuss the pitfalls of skipping these foundational IT skills, highlight the immense value of setting up a home lab for practical learning, and offer concrete examples of what to build to enhance your cybersecurity expertise and career prospects in today's job market.

Check out our new merch shop! https://the-cybersecurity-mentors-pod.myspreadshop.com

YouTube Resources

• NetworkChuck - https://www.youtube.com/c/NetworkChuck
• Techno Tim - https://www.youtube.com/c/TechnoTimLive
• LearnLinuxTV - https://www.youtube.com/c/LearnLinuxTV
• The Coding Train - https://www.youtube.com/c/TheCodingTrain
• Professor Messer - https://www.youtube.com/@professormesser

Virtualization Platforms

• VirtualBox – Free and easy to use. - https://www.virtualbox.org/
• VMware Workstation Player – Personal use version of VMware.
• Proxmox VE – Advanced, self-hosted hypervisor.

Lab Design Ideas

• pfSense as your firewall/router
• Linux and Windows VMs for practice
• Add vulnerable VMs from VulnHub to practice attack/defend - https://www.vulnhub.com/
• Add Security Onion to practice detection - https://securityonionsolutions.com/

Automation / DevOps

• Ansible – Infrastructure as code for deploying and managing servers - https://www.ansible.com/
• Docker – Build and run isolated containers (great for web apps or SOC tools) - https://www.docker.com/
• HomelabOS – Build an entire lab with one command - https://homelabos.com/

Cloud Options

• AWS Free Tier - https://aws.amazon.com/free/
• Google Cloud Free Tier - https://cloud.google.com/free
• Microsoft Azure for Students - https://azure.microsoft.com/en-us/free/students/

Send us fan mail via text

In this episode, we talk with Doug Burks, founder and CEO of Security Onion Solutions. He shares his journey from computer enthusiast to cybersecurity company founder and how he's helping defenders catch bad guys through accessible network security monitoring tools. We also discuss how important setting up your home lab is as a crucial learning environment for security professionals at all levels.

• Security Onion Solutions
  • https://securityonionsolutions.com/
• Doug Burks – Linkedin
  • https://www.linkedin.com/in/dougburks/
• BSides Augusta
  • https://bsidesaugusta.org/

Check out our new merch shop! https://the-cybersecurity-mentors-pod.myspreadshop.com

Send us fan mail via text

In this episode, we dive deep into the world of cyber deception—from classic honeypots to canary tokens and more. Learn how deception isn't just a defense tactic, but a skill every aspiring cybersecurity analyst should master.

We'll explore real-world stories, ethical considerations, and how strategic deception can give you the upper hand against attackers.

Episode Resources:

• Offensive Countermeasures Book
• Canary Tokens
• Honeyport - Powershell Script

Check out our new merch shop! https://the-cybersecurity-mentors-pod.myspreadshop.com

Send us fan mail via text