Cybersecurity Engineer Learning Path
A structured 16-week journey through the Knowledge Vault for cybersecurity engineers. This path covers all 22 cybersecurity pages, 12 exploit deep dives, 12 deep authentication pages, supply chain security, compliance frameworks, and OSCP preparation, spanning both offensive (red team) and defensive (blue team) security.
Who This Is For
- Developers transitioning into cybersecurity careers
- SOC analysts leveling up to penetration testing
- Security engineers preparing for OSCP or similar certifications
- Anyone building a comprehensive offensive + defensive security skillset
Prerequisites
- Basic Linux command line proficiency
- Networking fundamentals (TCP/IP, DNS, HTTP)
- Basic programming in Python or another scripting language
- Familiarity with web applications (how they work at a high level)
Total estimated time: ~70 hours across 16 weeks
Learning Progression
Week 1-2: Networking Fundamentals
Estimated reading time: 4 hours
Security starts with understanding the network. You cannot attack or defend what you do not understand.
- [ ] Required -- Networking Fundamentals (30 min)
- [ ] Required -- TCP/IP Deep Dive (30 min)
- [ ] Required -- DNS Deep Dive (25 min)
- [ ] Required -- TLS Handshake (20 min)
- [ ] Required -- HTTP/2 & HTTP/3 (25 min)
- [ ] Required -- Network Attacks (25 min)
Checkpoint
After this section you should be able to: analyze TCP handshakes with Wireshark, explain DNS resolution and poisoning attacks, understand TLS negotiation, and identify common network attack vectors.
Week 2-3: Linux Security
Estimated reading time: 3.5 hours
Most servers run Linux. Understand the OS from a security perspective.
- [ ] Required -- Linux Security (30 min)
- [ ] Required -- Linux Process Model (30 min)
- [ ] Required -- Linux Memory Management (30 min)
- [ ] Required -- Containers from Scratch (35 min)
- [ ] Reference -- Linux Cheat Sheet (10 min)
- [ ] Reference -- Bash Cheat Sheet (10 min)
Week 3-4: Web Application Pentesting
Estimated reading time: 4 hours
Web apps are the most common attack surface. Learn to find and exploit vulnerabilities.
- [ ] Required -- Web App Pentesting (30 min)
- [ ] Required -- API Security Testing (25 min)
- [ ] Required -- Security Tools (25 min)
- [ ] Required -- OSINT (25 min)
- [ ] Required -- Bug Bounty (25 min)
- [ ] Required -- Secure Coding (25 min)
Week 4-5: OWASP Top 10 Deep Dive
Estimated reading time: 4.5 hours
- [ ] Required -- OWASP Overview (15 min)
- [ ] Required -- A01: Broken Access Control (25 min)
- [ ] Required -- A02: Cryptographic Failures (25 min)
- [ ] Required -- A03: Injection (25 min)
- [ ] Required -- A04: Insecure Design (25 min)
- [ ] Required -- A05: Security Misconfiguration (25 min)
- [ ] Required -- A06: Vulnerable Components (20 min)
- [ ] Required -- A07: Authentication Failures (25 min)
- [ ] Required -- A08: Data Integrity Failures (20 min)
- [ ] Required -- A09: Logging & Monitoring Failures (20 min)
- [ ] Required -- A10: SSRF (20 min)
Week 5-6: Real-World Exploits (Part 1)
Estimated reading time: 4.5 hours
Study real CVEs and exploit chains to understand how vulnerabilities are discovered and exploited.
- [ ] Required -- Exploits Overview (15 min)
- [ ] Required -- XSS Advanced (25 min)
- [ ] Required -- Injection Advanced (25 min)
- [ ] Required -- Heartbleed (25 min)
- [ ] Required -- Log4Shell (25 min)
- [ ] Required -- Dirty Pipe (25 min)
- [ ] Required -- SolarWinds (25 min)
Week 6-7: Real-World Exploits (Part 2)
Estimated reading time: 4 hours
- [ ] Required -- Crypto Attacks (25 min)
- [ ] Required -- Container Escapes (25 min)
- [ ] Required -- Cloud Misconfigurations (25 min)
- [ ] Required -- Spectre & Meltdown (25 min)
- [ ] Required -- XZ Backdoor 2024 (25 min)
Week 7-8: Deep Authentication (Part 1)
Estimated reading time: 5 hours
Understand auth systems deeply to find and exploit auth vulnerabilities.
- [ ] Required -- Authentication Overview (15 min)
- [ ] Required -- Auth Architecture (30 min)
- [ ] Required -- OAuth2 & OIDC (30 min)
- [ ] Required -- OAuth2 Flows (25 min)
- [ ] Required -- JWT Deep Dive (30 min)
- [ ] Required -- Session Deep Dive (25 min)
- [ ] Required -- Token Strategies (25 min)
- [ ] Required -- Auth Attack & Defense (30 min)
Week 8-9: Deep Authentication (Part 2) & Authorization
Estimated reading time: 4.5 hours
- [ ] Required -- MFA Deep Dive (25 min)
- [ ] Required -- Passkeys & WebAuthn (25 min)
- [ ] Required -- API Key Design (20 min)
- [ ] Required -- Enterprise SSO (25 min)
- [ ] Required -- Authorization Overview (15 min)
- [ ] Required -- RBAC, ABAC, ReBAC (30 min)
- [ ] Required -- Zanzibar (30 min)
- [ ] Required -- Policy Engines (25 min)
Week 9-10: Red Team Operations
Estimated reading time: 4 hours
- [ ] Required -- Red Team Ops (30 min)
- [ ] Required -- Reverse Engineering (30 min)
- [ ] Required -- Malware Analysis (30 min)
- [ ] Required -- Active Directory (30 min)
- [ ] Required -- Cryptography Practical (25 min)
Week 10-11: Blue Team & SOC
Estimated reading time: 4 hours
- [ ] Required -- Blue Team SOC (30 min)
- [ ] Required -- Incident Response & Forensics (30 min)
- [ ] Required -- Incident Response Overview (15 min)
- [ ] Required -- Incident Classification (20 min)
- [ ] Required -- Structured Logging (25 min)
- [ ] Required -- Alert Design (25 min)
Week 11-12: Cloud & Container Security
Estimated reading time: 4 hours
- [ ] Required -- Cloud Pentesting (30 min)
- [ ] Required -- Container Security (25 min)
- [ ] Required -- Docker Security Hardening (25 min)
- [ ] Required -- K8s RBAC (25 min)
- [ ] Required -- K8s Network Policies (25 min)
- [ ] Optional -- AWS IAM Deep Dive (25 min)
Week 12-13: Supply Chain Security
Estimated reading time: 3 hours
- [ ] Required -- Supply Chain Security (25 min)
- [ ] Required -- XZ Backdoor 2024 (25 min -- revisit)
- [ ] Required -- SolarWinds (25 min -- revisit)
- [ ] Required -- Security Scanning in CI/CD (25 min)
- [ ] Required -- Encryption Overview (15 min)
- [ ] Required -- Key Management (25 min)
Week 13-14: Compliance & Governance
Estimated reading time: 3.5 hours
- [ ] Required -- Compliance Overview (15 min)
- [ ] Required -- GDPR Engineering (30 min)
- [ ] Required -- SOC 2 (25 min)
- [ ] Required -- PCI-DSS (25 min)
- [ ] Required -- Audit Logging (25 min)
- [ ] Required -- Zero Trust Principles (25 min)
- [ ] Required -- Network Segmentation (25 min)
Week 14-15: Advanced Topics
Estimated reading time: 4 hours
- [ ] Required -- Mobile Security (25 min)
- [ ] Required -- Web3 Security (25 min)
- [ ] Required -- Security Certifications (20 min)
- [ ] Optional -- Secrets Management Overview (15 min)
- [ ] Optional -- HashiCorp Vault (30 min)
API security:
- [ ] Required -- API Security Overview (15 min)
- [ ] Required -- Input Validation (25 min)
- [ ] Required -- CORS Deep Dive (25 min)
- [ ] Required -- API Abuse Prevention (25 min)
Week 15-16: OSCP Prep & Capstone
Estimated reading time: 5 hours
Synthesize everything into OSCP-style methodology.
OSCP Methodology Review
Revisit these with an offensive security lens:
- [ ] Review -- Web App Pentesting (revisit)
- [ ] Review -- Network Attacks (revisit)
- [ ] Review -- Red Team Ops (revisit)
- [ ] Review -- Linux Security (revisit)
- [ ] Review -- Active Directory (revisit)
War Room Case Studies
- [ ] Optional -- CrowdStrike July 2024 (20 min)
- [ ] Optional -- Facebook October 2021 (20 min)
- [ ] Optional -- Cloudflare Regex 2019 (20 min)
- [ ] Optional -- LiteLLM Supply Chain 2026 (20 min)
What You Will Be Able to Do After This Path
- Perform web application and API penetration testing
- Analyze and understand real-world CVEs and exploit chains
- Conduct red team operations including AD attacks and reverse engineering
- Run blue team SOC operations with incident response and forensics
- Audit cloud and container environments for security vulnerabilities
- Assess and secure software supply chains
- Implement compliance frameworks (GDPR, SOC 2, PCI-DSS)
- Prepare for OSCP certification with systematic methodology
Cross-References to Related Paths
- Security Engineer Path -- AppSec, DevSecOps, and building secure systems
- DevOps Engineer Path -- Infrastructure security and incident response
- Platform Engineer Path -- K8s security, network segmentation
- Backend Engineer Path -- Understand the systems you are attacking/defending
Total Progress
This path contains approximately 100 pages (22 cybersecurity + 12 exploits + 12 auth + OWASP + compliance + infrastructure). Budget 16 weeks at 4-5 hours per week. The OSCP prep section assumes you will supplement with hands-on labs (HackTheBox, TryHackMe, OffSec labs).