profile

Tech Career Advice

I Took TryHackMe’s SAL1 Certification… Here’s What Happened

Published 27 days ago • 3 min read

Hey Reader,

Breaking into cybersecurity is tough. You study, build labs, earn certifications, send out application after application… and still get ghosted by companies looking for “entry-level” candidates with three years of experience and a CISSP. Sound familiar?

That’s exactly why TryHackMe launched their Security Analyst Level 1 (SAL1) certification, and I had to check it out for myself. Now, full disclosure: TryHackMe sponsored my video about SAL1, but they have no clue I’m writing this post. This is 100% my real, unfiltered experience—because I know firsthand how frustrating the cybersecurity job hunt can be, and I want to give you actual insight on whether this cert is worth your time.

If you would rather watch the video check it out here. 👇

video preview

What Is SAL1 and Why Does It Exist?

Most cybersecurity certifications test your ability to memorize information, not actually do the job. But if you want to work as a SOC Analyst, your job isn’t just answering multiple-choice questions—you need to detect and investigate real threats, analyze logs, and write clear, detailed reports.

SAL1 is different. This certification is designed to mirror a real SOC job, testing both fundamental knowledge and hands-on skills in a simulated SOC environment. It’s not just about knowing the right answers—it’s about proving you can do the work.

And let me tell you… that hands-on portion? It kicked my ass.

I Took SAL1 With Zero Prep… and Failed

I decided to take SAL1 cold, no studying, no practice—just to see how difficult it really was. And at first, I was feeling good. The multiple-choice section? No problem. Networking, log analysis, threat detection—I knew my stuff.

But then came the practical section.

I had to analyze a real-world attack scenario, piece together what happened, and write up a full security report. And here’s where things went south—I wasn’t detailed enough in my investigation. My report was too vague, I didn’t provide enough evidence, and I flat-out missed some key indicators.

And in cybersecurity, details matter. If you can’t clearly communicate what’s happening in an incident, it doesn’t matter how much you "know"—you won’t last in a SOC.

So yeah, I failed. But honestly? That’s why this cert is valuable.

How to Pass SAL1 and Succeed

Now that I’ve gone through the exam, I know exactly what I should have done differently. If you’re planning to take SAL1, don’t make the same mistakes I did—here’s how to set yourself up for success.

1️⃣ Start with TryHackMe’s SOC Analyst Learning Path
Before jumping into the exam, check out the SOC Level 1 Learning Path on TryHackMe. This will teach you log analysis, threat detection, SIEM tools, and incident response—everything you’ll need to pass the exam.

2️⃣ Practice in TryHackMe’s Free SOC Simulator
Want to get a feel for the hands-on part of SAL1? TryHackMe has a free SOC simulator where you can practice analyzing security alerts just like you would in the exam. If you can work through those scenarios successfully, you’ll be in a much better position when you take SAL1.

3️⃣ Get Comfortable Writing Detailed Security Reports
One of the biggest reasons I failed was because my report wasn’t detailed enough. SOC analysts spend a lot of time writing reports that clearly explain what happened, what actions were taken, and what the impact was. TryHackMe’s training covers this, but I’d also recommend reading real SOC reports and practicing writing your own.

4️⃣ Don’t Rush Through the Exam
When you’re analyzing security alerts, it’s easy to miss key details if you rush. Take your time, document everything, and double-check your work before submitting your report.

If you follow these steps, you’ll have a much better chance of passing SAL1 on your first try.

Should You Take SAL1?

If you’re trying to land a Job working in a SOC and need a way to prove you can actually do the work, this cert is worth looking into. I think more certifications should take this hands-on approach.

If you want to see what it’s all about, check out the certification here:
👉 TryHackMe SAL1 Certification

And if you take the exam, let me know how it goes. Did you pass? Did it humble you like it did me?

Dakota Snow | The Bearded I.T. Dad

113 Cherry St #92768, Seattle, WA 98104-2205
Unsubscribe · Preferences

Tech Career Advice

Empowering Your I.T. Career Journey – From the first step to the pinnacle of success!

With a genuine passion for technology and a purpose-driven mission to uplift others, I'm here to guide you through the ever-evolving landscape of the IT industry. Whether you're just starting out or looking to elevate your career, you've found a community dedicated to your growth. In-Depth Advice & Insights: Leveraging my journey from Help Desk to Director of Network Operations within just three years, I share actionable strategies to accelerate your career progression. Conversations with Experts: Gain exclusive insights from industry leaders, offering you a diverse perspective on navigating the IT field.Your journey in tech is unique, and here at The Bearded IT Dad, we celebrate every step of that journey. Subscribe and dive into our resources—your next big breakthrough could be just one video away.

Read more from Tech Career Advice

Hey Reader, Landing a job in tech is more competitive than ever. With AI-driven resume screenings and high hiring standards, acing the interview is no longer optional—it’s essential. Yet, so many candidates make simple but avoidable mistakes that cost them opportunities. The good news? If you know what to watch for, you can stand out from the crowd and drastically increase your chances of success. Here are 11 of the most common interview mistakes—and exactly how to avoid them. 1. Not...

about 1 month ago • 2 min read

Hey Reader, Tech interviews can be stressful, but you know what makes them easier? Preparation. The good news is that a lot of interview questions are predictable—so if you take the time to practice, you’ll feel way more confident when the big day comes. Let’s go over some of the most common interview questions, why they’re asked, and how to answer them like a pro. 1. "Tell me about yourself." This is often the first question you get asked. To be honest most of us are not prepared to answer...

about 1 month ago • 2 min read

Hey Reader, One of the most common mistakes job seekers make—especially in tech—is using the same resume for every job application. It feels efficient. You’ve spent hours perfecting your resume, highlighting your skills, and making sure it looks polished. So why wouldn’t you send it everywhere? Because hiring managers and applicant tracking systems (ATS) aren’t looking for a generic “good resume.” They’re looking for the right resume—one that aligns with the specific needs of the job they’re...

about 2 months ago • 2 min read