There’s a moment most people don’t talk about when they post their certifications, it’s that part where you stare at the screen, waiting for the result to load, rehearsing how you’ll feel either way.
That was me, after months of studying, rewrites, retakes, and nights when the last thing I wanted to see was another port, protocol, or payload.
I’d already passed the CompTIA trifecta, A+, Network+, Security+, and each one felt like a step forward. But PenTest+ was different. It wasn’t just about memorization. It forced me to think like an adversary, to build a structured approach out of controlled chaos. It was humbling.
There were setbacks. Long hours after long workdays. Missed weekends. That quiet voice that says, maybe this one’s just too much right now.
But that’s where persistence replaces motivation. I tell my students and training partners the same thing I remind myself: motivation gets you started, discipline keeps you moving.
When that “Pass” finally appeared on the screen, it wasn’t triumph, it was relief. And gratitude. Because every failed scan, every misconfigured lab, every late-night tracing network maps, they built the competence that makes the win real.
The truth is, no certification on its own changes who you are. The process does. The grind does. The decision to sit back down after the first, second, or third setback does.
In cybersecurity, as in martial arts, you don’t earn a belt to prove you’re done. You earn it because you’ve decided you’re not done yet.
And that lesson, more than any flag on a résumé, is what makes the next challenge possible.
Matt Shannon, Security Pro 