Part of the Cybersecurity Learning Path Guide — This article is one deep-dive in our complete learning paths series.
The HADESS Skills Catalog: What’s Inside?
By HADESS Team | February 28, 2026 | Updated: February 28, 2026 | 11 min read
Table of Contents
- What the HADESS Skills Catalog Is
- How the Catalog Is Organized
- Skill Domains Covered
- Proficiency Levels Explained
- How Skills Map to Career Paths
- Using the Catalog for Self-Assessment
- Building a Study Plan from the Catalog
- How Employers Use Skills Data
- Catalog Updates and New Content
- Getting Started with the Skills Catalog
- Related Guides in This Series
- Take the Next Step
- Frequently Asked Questions
What the HADESS Skills Catalog Is
The HADESS skills catalog is a structured inventory of cybersecurity competencies organized by domain, mapped to career paths, and benchmarked against real job requirements. It is not a course library. It is not a certification list. It is a framework that tells you what skills exist in the cybersecurity field, how they relate to each other, and which ones you need for specific roles.
Think of it as a map of the cybersecurity skill territory. Without a map, you wander. You study whatever looks interesting, accumulate knowledge unevenly, and discover gaps only when an interviewer or job posting exposes them. The catalog eliminates that problem by making the full picture visible.
The HADESS skills catalog was built by analyzing thousands of job postings across cybersecurity roles, interviewing hiring managers about what they actually screen for (versus what they list in job descriptions), and mapping those requirements to teachable, measurable competencies. The result is a catalog that reflects what the industry needs, not what training providers want to sell.
Each skill in the catalog includes a definition, the context where it is used, prerequisites, related skills, and the career paths where it applies. Skills are connected to each other so you can see dependency chains — understanding TCP/IP before learning packet analysis, for example, or understanding SIEM concepts before configuring detection rules.
How the Catalog Is Organized
The catalog uses a hierarchical structure:
Domains are the broadest categories: Network Security, Cloud Security, Offensive Security, Incident Response, Web Security, and so on. Each domain represents a major area of cybersecurity practice.
Skill groups within each domain cluster related competencies. Within Network Security, for example, you find groups like Firewall Management, Network Monitoring, Traffic Analysis, and Threat Detection.
Individual skills are the specific competencies within each group. Under Traffic Analysis, you find skills like Packet Capture Analysis, NetFlow Analysis, Protocol Identification, and Anomaly Detection.
This hierarchy serves two purposes. First, it gives you a clear view of how the field breaks down — useful when you are deciding which direction to pursue. Second, it enables precise skill mapping — when a job posting says “must understand network traffic analysis,” you can see exactly which skills that entails and check your proficiency against each one.
The HADESS skills library provides the full browsable catalog with detailed descriptions for every skill.
Skill Domains Covered
The catalog covers the following domains as of February 2026:
Network Security
Firewall configuration and management, intrusion detection and prevention systems, network traffic analysis, VPN configuration, network segmentation, wireless security, DNS security, and network access control. These skills form the baseline for most security roles and are especially relevant for network security engineers, SOC analysts, and security architects.
Cloud Security
AWS security services (IAM, GuardDuty, SecurityHub, WAF, CloudTrail), Azure security (Defender, Sentinel, AD), GCP security, multi-cloud architecture, container security (Docker, Kubernetes), serverless security, and cloud compliance. Cloud security has moved from a specialty to a baseline requirement — most security roles now expect at least foundational cloud knowledge.
Offensive Security
Penetration testing methodology, vulnerability assessment, web application exploitation, network exploitation, wireless testing, social engineering, binary exploitation, exploit development, and red teaming. These skills map to penetration tester, red team member, and vulnerability researcher roles.
Incident Response and Forensics
Incident response process, digital forensics (disk, memory, network), malware analysis (static and dynamic), evidence handling, timeline analysis, log analysis, and SOAR automation. Critical for incident responders, SOC analysts, and forensic analysts.
Web Application Security
Secure coding practices across languages (Python, JavaScript, Java, .NET, PHP), OWASP Top 10 testing, API security, authentication and session management, input validation, and code review. Relevant for application security engineers, security-focused developers, and web penetration testers.
DevSecOps and Security Automation
CI/CD pipeline security, infrastructure as code security (Terraform, Ansible), container orchestration security (Kubernetes, Helm), secrets management, security scanning integration, and GitOps security. These skills are in high demand as organizations shift security into development workflows.
Governance, Risk, and Compliance
Risk assessment methodologies, security frameworks (NIST CSF, ISO 27001, CIS Controls), compliance requirements (PCI DSS, HIPAA, GDPR, SOX), security policy development, vendor risk management, and audit preparation. Maps to GRC analyst, security manager, and CISO paths.
Programming and Scripting
Python for security automation, Bash scripting, PowerShell scripting, regular expressions, problem-solving methodology, and tool development. These are cross-cutting skills used in every cybersecurity domain.
Cryptography
Symmetric and asymmetric encryption, hashing algorithms, PKI and certificate management, TLS/SSL, key management, and cryptographic protocol analysis. Foundation skills needed across multiple security roles.
General Security Concepts
Identity and access management, vulnerability management, compliance frameworks, security design patterns, AI and machine learning in security, and business continuity. These are foundational competencies that cut across all specializations.
Proficiency Levels Explained
Each skill in the catalog uses a four-level proficiency scale:
Level 1: Awareness
You understand what the skill involves and can explain it at a high level. You have read about it or seen it demonstrated. You could not perform the work independently.
Example: You know what a SIEM is and what it does, but you have never written a query or triaged an alert.
Level 2: Foundational
You can perform basic tasks related to this skill with guidance or reference materials. You have done it in a lab or controlled environment. You would need support to do it in a production setting.
Example: You can write basic Splunk queries and have triaged alerts in a practice environment. You would need help with complex investigations in a real SOC.
Level 3: Practitioner
You can perform tasks related to this skill independently in a work environment. You do not need step-by-step instructions. You can troubleshoot when things do not go as expected.
Example: You can independently investigate SIEM alerts, write detection rules, and produce investigation reports that require minimal review from senior analysts.
Level 4: Expert
You can perform advanced tasks, teach others, and solve novel problems in this skill area. You design solutions, set standards, and handle edge cases.
Example: You design the SIEM architecture, create the detection strategy, develop training programs for junior analysts, and lead incident response for complex cases.
Most entry-level cybersecurity roles require Level 2-3 in core skills and Level 1-2 in supplementary skills. Senior roles require Level 3-4 across a broader skill set. Nobody is Level 4 in everything — specialization is normal and expected.
How Skills Map to Career Paths
The catalog maps skills to specific career paths with required proficiency levels. Here is a simplified example for three roles:
SOC Analyst (entry-level):
| Skill | Required Level |
|---|---|
| SIEM Operations | 2-3 |
| Log Analysis | 2-3 |
| Network Traffic Analysis | 2 |
| Incident Response Process | 2 |
| Malware Triage | 1-2 |
| Scripting (Python/PowerShell) | 1-2 |
| Threat Intelligence | 1-2 |
| Report Writing | 2-3 |
Penetration Tester (junior):
| Skill | Required Level |
|---|---|
| Web Application Testing | 2-3 |
| Network Exploitation | 2 |
| Privilege Escalation | 2 |
| Reconnaissance | 2-3 |
| Scripting (Python/Bash) | 2 |
| Report Writing | 2-3 |
| Active Directory Attacks | 1-2 |
| Methodology (OWASP/PTES) | 2 |
Security Engineer (mid-level):
| Skill | Required Level |
|---|---|
| Firewall Management | 3 |
| Cloud Security (AWS/Azure) | 2-3 |
| IAM Configuration | 3 |
| Vulnerability Management | 3 |
| Network Architecture | 3 |
| Scripting/Automation | 2-3 |
| Security Monitoring | 2-3 |
| Incident Response | 2 |
These mappings come from analyzing real job postings and validating them with hiring managers. They represent what companies actually screen for, which sometimes differs from what job descriptions list.
Using the Catalog for Self-Assessment
The most practical use of the skills catalog is honest self-assessment. Go through the skills relevant to your target role and rate yourself at each proficiency level. Be honest — overestimating your skills leads to study plans that skip necessary material.
Self-assessment process:
1. Identify your target role 2. Pull up the skill requirements for that role from the catalog 3. For each skill, ask: “Could I demonstrate this in an interview?” and “Could I do this on my first day of work?” 4. Rate yourself honestly at each level 5. The gaps between your current level and the required level are your study priorities
This assessment takes about 30 minutes and gives you a clearer picture of your readiness than any practice exam or quiz.
The HADESS skills platform automates this process and provides personalized recommendations based on your self-assessment results.
Building a Study Plan from the Catalog
Once you know your gaps, the catalog helps you prioritize:
High priority (study first): Skills where you are more than one level below the requirement. If a role requires Level 3 in SIEM Operations and you are at Level 1, this is a primary study focus.
Medium priority (study second): Skills where you are one level below the requirement. You have some foundation but need to deepen it.
Low priority (study later): Skills where you meet the requirement or are one level above. Maintain these but do not spend significant time on them.
Sequence by dependencies. Some skills depend on others. You need networking fundamentals before network traffic analysis. You need Linux command line skills before most offensive security tools. The catalog maps these dependencies so you study in the right order.
Allocate time proportionally. If a role requires 8 skills and you are deficient in 3, focus 70% of your study time on those 3 skills and 30% on maintaining the others. Even distribution across all skills is less efficient than targeted study of your weakest areas.
For a complete study plan structure, see our 6-month cybersecurity study plan.
How Employers Use Skills Data
Understanding how employers think about skills helps you present yourself more effectively:
Job descriptions are wish lists. Most job postings list 15-20 skills. Candidates who match 60-70% of them are considered competitive. Do not wait until you check every box. If you meet the core requirements and can demonstrate learning trajectory, apply.
Demonstrated skills beat claimed skills. Saying “experienced with Splunk” on your resume means nothing without evidence. Saying “built a Splunk lab, ingested Windows Security logs, and created detection rules for lateral movement techniques” tells a specific story that an interviewer can explore.
T-shaped profiles are preferred. Employers want people with broad baseline knowledge (the top of the T) and deep expertise in one or two areas (the stem of the T). The catalog helps you identify which broad skills to maintain and which narrow areas to go deep on.
Skills decay without practice. A skill you learned two years ago and have not used since is not a current skill. The catalog’s proficiency levels account for recency. If you are claiming Level 3 in a skill you have not practiced in 18 months, you are probably at Level 2.
Catalog Updates and New Content
The cybersecurity field changes fast, and the skills catalog updates to reflect those changes. The current update cycle:
- Quarterly reviews: Existing skills are reviewed for accuracy and relevance. Proficiency level definitions are refined based on industry feedback.
- Bi-annual additions: New skills are added to reflect emerging technologies and practices. Recent additions include AI/ML security, supply chain security, and zero trust architecture.
- Annual restructuring: Domain groupings and skill relationships are reviewed for accuracy. Skills that have become obsolete are deprecated (not removed — historical context matters).
The skills catalog is not static. It evolves with the field, ensuring that your study plan targets skills that are currently relevant rather than historically important.
Getting Started with the Skills Catalog
1. Visit the HADESS skills library 2. Browse domains that interest you 3. Pick your target role and review its skill requirements 4. Perform an honest self-assessment 5. Identify your top 3-5 skill gaps 6. Build a study plan focused on those gaps 7. Reassess monthly and adjust your priorities
The catalog is a tool, not a prescription. Use it to inform your decisions, not to dictate them. Your career path is unique, and the catalog gives you the information to make smart choices about where to invest your time.
Related Guides in This Series
- Free vs Paid Cybersecurity Courses: Full Comparison
- How to Use Practice Labs in Cybersecurity Training
- SOC Analyst Learning Path: From Zero to Hired
Take the Next Step
Explore the full HADESS skills catalog and start your self-assessment at /skills.
Frequently Asked Questions
How many skills are in the HADESS catalog?
A. The catalog contains over 200 individual skills organized across 10 major domains. Each skill has defined proficiency levels, prerequisites, and career path mappings. The number grows as new skills are added during regular update cycles.
Do I need to master every skill in the catalog?
A. No. No one masters every cybersecurity skill. The catalog helps you identify which skills matter for your specific career path and which proficiency level you need for each. A SOC analyst needs different skills than a pen tester, and neither needs to be an expert in every domain.
How is the catalog different from a certification study guide?
A. Certification study guides are organized around a specific exam. The HADESS skills catalog is organized around career outcomes. It maps skills to job roles rather than exam objectives, includes practical proficiency levels rather than pass/fail, and covers skills that no single certification tests. It complements certifications rather than replacing them.
Can I use the catalog if I am not on the HADESS platform?
A. The catalog structure and skill descriptions are accessible through the HADESS skills page. The full interactive features — self-assessment, personalized recommendations, progress tracking, and career path mapping — are available on the platform. You can use the catalog as a reference even without an account.
How often is the catalog updated?
A. Skills are reviewed quarterly for accuracy and relevance. New skills are added bi-annually based on industry trends, job market analysis, and practitioner feedback. Major structural updates happen annually. The goal is to keep the catalog aligned with what employers are actually hiring for, not what was relevant two years ago.
— HADESS Team consists of cybersecurity practitioners, hiring managers, and career strategists who have collectively spent 50+ years in the field.
