What cybersecurity side projects should I build for my portfolio?
Build a cybersecurity portfolio with: (1) a home lab documented on GitHub (SIEM setup, firewall configuration, vulnerable VMs), (2) CTF competition writeups showing your methodology, (3) a security automation script in Python (log parser, IOC checker, vulnerability scanner wrapper), (4) a blog explaining cybersecurity concepts or analyzing real incidents, and (5) a detection rule set (Sigma rules mapped to MITRE ATT&CK). Practical artifacts outweigh certifications when competing for entry-level roles.
A cybersecurity portfolio demonstrates practical skills that certifications alone cannot prove. Hiring managers reviewing entry-level candidates look for evidence that you can do the work, not just pass exams. Here are the five most impactful portfolio projects for aspiring cybersecurity professionals.
Home lab documentation: Set up a virtual network with VirtualBox or VMware. Include a SIEM (Wazuh or Splunk Free), a pfSense firewall, Windows and Linux endpoints, and a vulnerable target machine (DVWA, Metasploitable). Document the setup, configuration choices, and security monitoring workflow on GitHub with screenshots. This demonstrates that you can build and operate security infrastructure.
CTF writeups: Compete on TryHackMe, Hack The Box, or CyberDefenders. Write detailed writeups for each challenge explaining your methodology, tools used, and lessons learned. Publish on GitHub or a personal blog. Writeups show analytical thinking and communication skills. Hiring managers care about your approach, not just whether you solved the challenge.
Security automation scripts: Write Python scripts that automate security tasks. Examples: a script that queries VirusTotal for IP reputation, a log parser that extracts suspicious entries from Apache or Windows event logs, or an OSINT tool that gathers information about a domain. Push code to GitHub with clear README documentation. This demonstrates programming ability in a security context.
Blog or analysis content: Write 3 to 5 posts analyzing real security incidents, explaining cybersecurity concepts, or reviewing tools. Example topics: analysis of a CISA advisory, walkthrough of setting up detection rules for a specific MITRE ATT&CK technique, or comparison of SIEM platforms. Quality writing about security topics demonstrates both knowledge and communication ability. DecipherU's career guides include specific portfolio project recommendations for each cybersecurity role.
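As an illustration of the log parser suggested under security automation scripts, here is an added example (not code from DecipherU) that parses Apache combined-format lines and flags suspicious entries. The rule names, patterns, threshold, and sample log lines are assumptions constructed for this sketch.

```python
import re
from collections import Counter

# Apache combined format: host ident user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<agent>[^"]*)"'
)
# Illustrative heuristics (assumptions): tune these for your own environment.
PATH_RULES = {
    "path_traversal": re.compile(r"\.\./|%2e%2e", re.I),
    "sensitive_file": re.compile(r"/\.env|/\.git/|/etc/passwd", re.I),
}
SCANNER_AGENTS = re.compile(r"nikto|sqlmap|nmap", re.I)
ERROR_THRESHOLD = 3  # 4xx responses from one IP before it is reported as noisy

def find_suspicious(lines):
    """Return (findings, noisy_ips, unparsed_count) for an iterable of log lines."""
    findings, errors, unparsed = [], Counter(), 0
    for n, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if m is None:
            unparsed += 1  # count malformed lines instead of silently dropping them
            continue
        e = m.groupdict()
        for name, rx in PATH_RULES.items():
            if rx.search(e["path"]):
                findings.append((n, e["ip"], name))
        if SCANNER_AGENTS.search(e["agent"]):
            findings.append((n, e["ip"], "scanner_user_agent"))
        if e["status"].startswith("4"):
            errors[e["ip"]] += 1
    noisy = sorted(ip for ip, c in errors.items() if c >= ERROR_THRESHOLD)
    return findings, noisy, unparsed

# Constructed sample lines using documentation-only IP ranges (RFC 5737).
SAMPLE = [
    '192.0.2.10 - - [10/Mar/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Mar/2024:10:00:02 +0000] "GET /../../etc/passwd HTTP/1.1" 404 210 "-" "curl/8.0"',
    '203.0.113.5 - - [10/Mar/2024:10:00:03 +0000] "GET /.env HTTP/1.1" 404 210 "-" "curl/8.0"',
    '203.0.113.5 - - [10/Mar/2024:10:00:04 +0000] "GET /.git/config HTTP/1.1" 404 210 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Mar/2024:10:00:05 +0000] "GET /login HTTP/1.1" 200 512 "-" "Nikto/2.5"',
    "this line is not in combined log format",
]

if __name__ == "__main__":
    findings, noisy, unparsed = find_suspicious(SAMPLE)
    for line_no, ip, rule in findings:
        print(f"line {line_no}: {ip} matched {rule}")
    print("noisy IPs:", noisy, "| unparsed lines:", unparsed)
```

In a portfolio README, explain why each rule exists and what false positives it produces; that reasoning is what a reviewer reads for.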