Cybersecurity Analyst Tools Matrix
A MITRE ATT&CK-style reference matrix of essential cybersecurity tools for security analysts. Each tool is tagged with its category, Cyber Kill Chain stage, license, OS, and my personal study status.
Why this matrix exists
Studying for the CompTIA CySA+ (CS0-003) means juggling dozens of tools across very different domains — network scanners, SIEMs, EDRs, forensics suites, vulnerability platforms. Most study guides list them in flat tables that don't show when each one is used in a real engagement.
This page is the reference I wish I had on day one. It maps every tool to two complementary frameworks: the Cyber Kill Chain (how an attacker progresses) and the NIST SP 800-61r2 Incident Response Lifecycle (how a defender responds). Pivoting by stage answers practical questions like "what do I reach for during containment?" or "which scanners belong in the preparation phase?"
It also doubles as a public, honest progress tracker — every card shows where I am on each tool (learning → practiced → applied → proficient → mastered), so the matrix grows with my skills and stays useful long after the exam.