when learning and training for certifications ALWAYS go to the vendor, don't waste your money on outsourced training. the materials will either be outdated or incomplete.

your training and your time should be looked at as an investment. Some types of training are offered by employer partnership only.

I am in no way affiliated with the resources I'm giving to you to learn from, these are just what i have seen across job requirement baselines and the fastest way to learn

These are from my industry experience paired very biased scrutiny being an attacker and defender and should give you the basic skills and things you need to at least operate efficiently to a basic level

This is your starting point to plan your path and what certifications are relevant after the certs youll want vendor training.

In order to work on the blue team, you need to at least have security+, linux+, network + and cysa+ because this helps to show have knowledge in all the basic domains. Its HR food. With this and a student hack the box academy completion (soc path and pentester path) your in a very good position and will probably do better than mid level analysts) You'll eventually move to siems and edr vendor trainings.

The reason for this, you know how attackers move, your familiar with basic networking, everyone knows somewhat about windows and linux (a+ covers those gaps and you may not need them much) you know how to handle incidents and are familiar with security policies. I work as a security analyst myself with the oscp.)

For Red team you might as well forget it unless you have the baseline oscp and have multiple areas covered. Anyone that tells you otherwise had gotten lucky, has ec council and dod compliant or is lying look at the job descriptions yourself. follow the roadmap. CEH is for incident handling not hacking. they are part of the dod approved cert baselines see under paul jeremy.

Cyber Security - Learning

Networking