Certifications in the field of cyber security
The tables below offer a more fulsome list of the different cyber security certifications available to individuals, in alphabetical order Footnote 2.
Prior to attempting a certification exam, candidates can purchase training (in-class, online, or self-paced courses) and other exam preparation materials, such as practice exams, through the vendors and training providers listed in the last column. Some vendors also offer course bundles that include exam fees. To find out more about certification training options and providers, please visit the certification body website.
5.1 CertNexus
Certified First Responder (CFR)
Certification overview
- Validates a candidate’s knowledge of analyzing threats, designing secure computing and network environments, proactively defecting networks and responding to/investigating cyber security incidents
- DoD approved (Directive 8140)
- Candidates should have 3-5 years of experience working in a computing environment protecting critical information systems before, during, and after an incident
- Exam consists of 100 multiple choice questions
- Valid for 3 years
- 2 options for re-certification:
- Take the most recent version of the exam
- Earn 90 continuing educated credits within the 3 years and paying annual fees
Intended candidates
- System Administrators
- Network Administrators
- Incident Responders
- Cyber Crime Investigators
- IT Auditors
- Security Analysts
- Network Analysts
- Information Systems Security Engineers
Certified IoT Security Practitioner (CIoTSP)
Certification overview
- Validates a candidate’s knowledge, skills, and ability to secure network environments for IoT devices, analyze vulnerabilities and determine reasonable controls against threats and effectively monitor IoT devices and respond to incidents
- Candidates should have a fundamental understanding of IoT ecosystems
- Exam consists of 100 multiple choice questions
Intended candidates
- Network Administrators
- Software Development Engineer
- Solution Architects
- Cyber Security Analysts
- Web Developers
- Cloud Engineers
Cyber Secure Coder (CSC)
Certification overview
- Demonstrates that a candidate has learned about the vulnerabilities that undermine security, identification and remediation of those vulnerabilities, and strategies for dealing with security defects.
- Candidates should have some programming experience (developing desktop, mobile, web, or cloud applications)
- Exam consists of 80 multiple choice questions
- Valid for 3 years
Intended candidates
- Lead Developers
- Junior Programmers
- Application Testers
- QA Testers
- Software Designers
- Software Architects
CyberSafe
Certification overview
- Validates that a candidate can identify the most common risks involved in using mobile and cloud technologies, and to protect themselves and their organizations from cyber threats
- No prerequisites for exam but candidates should have experience with basic technology (computers, smartphones, email, internet etc.)
- Exam is only 10 questions and has no time limit
Intended candidates
- Non-technical computer end-users
IRBIZ micro credential
Certification overview
- Certifies that a candidate has the necessary skills to assess and respond to security threats, and operation a system and network security analysis platform.
- Candidates should have a general understanding of cyber security
- Exam consists of 10 multiple choice and true/false questions
- Valid for 3 years
Intended candidates
- IT leaders and Executives responsible for incident response legislation compliance
5.2 Cisco Systems
Cisco Certified CyberOps Associate
Certification overview
- Certification prepares candidates to begin working with associate-level cybersecurity analysts within security operations centers
- No prerequisites
- DoD approved (Directive 8570)
- Candidates must pass two 2 exams to receive certification
- Valid for 3 years
- Recertification requires taking a recertification exam, or completing learning activities and 30 earning continuing education credits
Intended candidates
- Cyber Security Analysts
- Security Operations Centre Team members
Cisco Certified CyberOps Professional
Certification overview
- New certification introduced in 2021
- Validates a candidate’s knowledge of cloud computing security, risk management, and threat intelligence analysis
- No prerequisites
- Valid for 3 years
- Recertification requires advancing to the next level of certification, earning continuing education credits, or a combination of both
Intended candidates
- Information Security Analysts
- Incident Responders
- Incident Managers
- Network Engineers
Cisco Certified Internetwork Expert (CCIE) Security
Certification overview
- Validates a candidate’s knowledge of security infrastructure including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements
- No perquisites
- It is recommended that candidates have 5-7 years of experience of designing, deploying, operating and optimizing security technologies and solutions
- Certification requires passing a qualifying exam and an 8-hour hands-on lab exam
- Valid for 3 years
- Recertification requires advancing to the next level of certification, earning continuing education credits, or a combination of both
Intended candidates
- Senior networking professionals with at least 5-7 years of experience
Cisco Certified Network Professional (CCNP) Security
Certification overview
- Validates a candidate’s knowledge of enterprise infrastructure, virtualization, assurance, security, and automation
- No perquisites
- It is recommended that candidates have 3-5 years of experience implementing security solutions
- Certification requires passing a core exam and a concentration exam.
- Valid for 3 years
- Recertification requires advancing to the next level of certification, earning continuing education credits, or a combination of both
Intended candidates
- Professionals with 3-5 years of implementing security solutions
- Network engineers
- System engineers
- Network technicians
Cisco Certified Support Technician (CCST) ybersecurity
Certification overview
- New certification introduced in 2023
- Entry-level certification
- No prerequisites
- Validates a candidate’s skills and knowledge of entry-level cyber security concepts and topics including security principles, network security and endpoint security concepts, vulnerability assessment and risk management, and incident handling
- Certification does not expire and there is no need to recertify
Intended candidates
- Late secondary and postsecondary students
- Students in technical schools
- Entry-level IT or networking professionals
Cisco Certified Support Technician (CCST) Networking
Certification overview
- New certification introduced in 2023
- Entry-level certification
- No prerequisites
- Validates a candidate’s skills and knowledge of entry-level networking concepts and topics including how networks operate, including the devices, media, and protocols that enable network communications
- Certification does not expire and there is no need to recertify
Intended candidates
- Late secondary and postsecondary students
- Students in technical schools
- Entry-level IT or networking professionals
5.3 CompTIA
Advanced Security Practitioner (CASP+)
Certification overview
- Advanced level certification
- The only performance-based certifications for practitioners rather than managers, at the advanced level of cyber security
- Validates advanced-level competency in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security
- DoD approved (Directive 8140/8570)
- Candidates require 10 years of experience in IT administration; 5 of which are hands-on technical security experience
- Exam consists of 90 multiple choice and performance-based questions
- Valid for 3 years
- Renewal requires obtaining 75 continuing education credits during the 3-year period
Intended candidates
- Security Architect
- Technical Lead Analyst
- Security Engineer
- Application Security Engineer
Cyber Security Analyst (CySA+)
Certification overview
- Intermediate level cybersecurity analyst certification
- The most up to date security analyst certification covering advanced persistent threats in a post-2014 cyber security environment.
- Validates a candidate’s expertise in security analytics, intrusion detection, and response
- Candidates should have 3-4 years of information security or related experience, and Network+ or Security+ certification, or equivalent knowledge
- Approved by US Department of Defence
- Exam consists of 85 multiple choice and performance-based questions
- Valid for 3 years
- Renewal requires obtaining 60 continuing education credits during the 3-year period
Intended candidates
- IT Security Analyst
- Security Operations Centre Analyst
- Cyber Security Specialist
- Threat Intelligence Analyst
- Security Engineer
- Cyber Security Analyst
Network+
Certification overview
- Validates a candidate’s knowledge and skills in designing and implementing functional networks
- Prerequisites are A+ certification and 9-12 months of networking experience
- Good to have for developing a career in IT infrastructure (troubleshooting, configuring, managing networks)
- Exam consists of 90 multiple choice and performance-based questions
- Valid for 3 years
- Renewal requires obtaining 30 continuing education credits during the 3-year period
Intended candidates
- Entry-level positions
- Junior Network Administrator
- Computer technician
- Junior System Engineer
PenTest+
Certification overview
- Intermediate level certification
- Validates a candidate’s ability and knowledge to test devices in new environments, like cloud or mobile, as well as traditional desktops and servers
- Candidates should have 3-4 years of hands-on information security or related experience
- Exam consists of a maximum of 85 multiple choice and performance-based questions
- Renewal requires obtaining 60 continuing education credits during the 3-year period
Intended candidates
- Penetration Tester
- Vulnerability Tester
- Security Analyst
- Network Security Operations
Security+
Certification overview
- Entry-level certification
- Validates baseline cyber security skills needed to perform core security functions
- Certificate holders are experts in threat management, network access control, and security infrastructure.
- Candidates must have 2 years of experience in network security and obtained Network+ certification
- Valid for 3 years
- Renewal requires obtaining 50 continuing education credits during the 3-year period
Intended candidates
- Systems Administrator
- Network Administrator
- Security Administrator
- Penetration Tester
- Security Engineer
5.4 Council for Registered Ethical Security Testers (CREST)
Certified Infrastructure Tester
Certification overview
- Validates a candidate’s ability to assess a network for flaws and vulnerabilities at the network and operating system layer
- Exam consists of a multiple-choice written portion, and two 6hr hands-on practical components
- Valid for 3 years
- To recertify, candidates must re-write the exam
Intended candidates
- System Administrators
- Penetration Testers
- Information Security Managers
- Incident Handlers
Certified Web Application Tester
Certification overview
- Assesses a candidate’s ability to find vulnerabilities in bespoke web applications.
- Exam consists of a multiple-choice written portion, and two 6hr hands-on practical components
- Valid for 3 years
- To recertify, candidates must re-write the exam
Intended candidates
- Penetration Testers
- Ethical Hackers
CREST Certified Wireless Specialist (CCWS)
Certification overview
- Validates a candidate’s knowledge and skills in performing traditional wireless security reviews, RFID, Bluetooth and other wireless technologies
- Prerequisite is successful completion of one of the core CREST certification exams
- 2-part exam: 120 multiple choice questions and practical tasks
- Valid for 3 years
- To recertify, candidates must re-write the exam
Intended candidates
Practitioner Security Analyst (CPSA)
Certification overview
- Entry-level certification
- Validates a candidate’s knowledge in assessing operating systems and common network services at a basic level
- Candidates must demonstrate that they have the knowledge to perform basic infrastructure and web application vulnerability scans and interpret the results to locate security vulnerabilities.
- Exam consists of multiple-choice questions
- Valid for 3 years
- To recertify, candidates must re-write the exam
Intended candidates
- System Administrators
- Penetration Testers
- Information Security Managers
- Incident Handlers
Registered Penetration Tester (CRT)
Certification overview
- Validates a candidate’s ability to carry out basic vulnerability assessment and penetration testing tasks.
- During the exam, candidates are required to find known vulnerabilities across common network, application and database technologies; includes a multiple-choice section
- Pre-requisite is the CPSA certification
- Valid for 3 years
- To recertify, candidates must re-write the exam
Intended candidates
- System Administrators
- Penetration Testers
- Information Security Managers
- Incident Handlers
5.5 Certified Wireless Network Professions (CWNP)
Certified Wireless Network Expert (CWNE)
Certification overview
- Advanced-level certification
- Less than 200 CWNE certificate holders in the world
- Validates that a candidate has mastered all the relevant to administer, install, configure, troubleshoot and design wireless networks, and has a deep understanding of protocol analysis, intrusion detection and prevention.
- Candidates are required to have 3-years of experience related to Wi-Fi networks
- Application requirements include endorsement from 3 people and written submissions (essays and publications)
- Candidates must pass 4 exams and complete commercial WLAN deployments
- Valid for 3 years
- Renewal requires paying a renewal fee and obtaining 60 continuing education credits over a 3-year period
Intended candidates
- Individuals in senior WLAN positions
Certified Wireless Security Professional (CWSP)
Certification overview
- Validates a candidate’s ability to assess the vulnerabilities of a network, help prevent attacks before they happen, perform WLAN security audits, and implement compliance monitoring solutions.
- Candidate must have already obtained Certified Wireless Network Administrator (CWNA) certification
- Exam consists of 60 multiple choice questions
- Valid for 3 years
- Recertification requires having valid CWNA certification and passing the current version of the exam or pass the CWNE exam.
Intended candidates
- IT Networking Professionals
5.6 EC Council
Certified Application Security Engineer (CASE)
Certification overview
- Two streams: JAVA and .NET
- Validates that a candidate has the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment
- Candidates seeking certification without official training are required to have 2 years of work experience in information security and must apply for exam eligibility
- Valid for 3 years
- Exams consist of 50 multiple choice questions
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Individuals responsible for developing, testing, managing, or protecting wide area of applications
- Developers who want to become Application Security Engineers, Analysts or Testers
Certified Chief Information Security Officer (CCISO)
Certification overview
- Program recognizes the real-world experience necessary to succeed at the highest executive levels of Information Security
- CCISO program is aimed at producing top-level information security executives
- Candidates seeking certification without official training are required to have at least 5 years of work experience in each of the 5 CCISO domains and must apply for exam eligibility
- Candidates attending official training require 5 years of work experience in at least 3 of the CCISO domains
- Exam consists of 150 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Chief Information Security Officers
Certified Cloud Security Engineer (CCSE)
Certification overview
- Validates a candidate’s ability to create and implement security policies to safeguard cloud infrastructure and applications
- Program provides both vendor-neutral and vendor-specific cloud security concepts
- Candidates seeking certification without official training are required to have at least 2 years of work experience information security and must apply for exam eligibility
- Exam consists of 125 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Cloud Analysts
- Cyber Security Analysts
- Network Security Administrators
- Cloud Administrators and Engineers
- Network and Cloud Management Operations Professionals
Certified Cybersecurity Technician (CCT)
Certification overview
- Entry-level cyber security credential for individuals starting a career in cyber security or IT
- Validates a candidate’s hands-on technical skills
- No prerequisites
- Exam consists of 60 multiple choice questions and 10 practical scenarios
- Valid for 3 years
- CCT is not part of the EC-Council Continuing Education (ECE) scheme. To recertify, a candidate must take the exam again
Intended candidates
- Individuals seeking entry-level cyber security or information security roles
- Cyber Security technicians
- Network Engineers and Administrators
- IT Support Specialists and Managers
- Network Technicians and Coordinators
Certified Ethical Hacker (CEH) – ANSI
Certification overview
- Entry-level credential
- Validates that a candidate knows how to look for weaknesses and vulnerabilities in target systems and use the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system
- Candidates seeking certification without official training are required to have 2 years of work experience in information security and must apply for exam eligibility
- This credential certifies individuals in the specific network security discipline of ethical hacking from a vendor-neutral perspective
- Exam consists of 125 questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Information Security Officers
- Information Assurance Security Officers, Managers, Engineers, or Specialists
- Site Administrators
- Information Security Auditors
- Risk/Threat/Vulnerability Analysts
Certified Ethical Hacker (CEH) – Master
Certification overview
- Candidate holds both the ANSI and Practical CEH certifications
- Meets GCHQ Certified Training standard
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Security Officers
- IT Auditors
- Site Administrators
Certified Ethical Hacker (CEH) – Practical
Certification overview
- Validates a candidate’s knowledge of ethical hacking techniques such as threat vector identification, network scanning, operating system (OS) detection, vulnerability analysis, system hacking, web application hacking, etc.
- No perquisites, but this certification is usually the next step after obtaining the CEH ANSI
- 6-hour exam features 20 case studies
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Information Security Analysts or Administrators
- Information Assurance Security Officers, Managers, Engineers, or Specialists
- Risk/Threat/Vulnerability Analysts
- System Administrators
- Network Administrators or Engineers
Certified Network Defender (CND) – ANSI
Certification overview
- Demonstrates that a candidate has the required expertise to protect, detect, and respond to threats on the network
- Candidates seeking certification without official training are required to have 2 years of work experience in IT security and must apply for exam eligibility
- Exam consists of 100 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Network and IT Administrators
- Data Security Analysts
- Security Operators
- Network Engineers and Technicians
Certified Penetration Testing Professional (CPENT)
Certification overview
- Validates a candidate’s ability to perform an effective penetration testing in an enterprise network environment that must be attacked, exploited, evaded, and defended
- No prerequisites
- 24-hour exam consists of a 100% practical assessment within the cyber range and the submission of a Penetration Testing report
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Penetration Testers
- Ethical Hackers
- Network Server and Firewall Administrators
- Risk Assessment Professionals
- Security Engineers and Analysts
- Information Security Consultants
Certified Secure Computer User (CSCU)
Certification overview
- Validates that a candidate can identify information security threats and mitigate them effectively
- No prerequisites
- Exam consists of 50 multiple choice questions
- Valid for 3 years
- CSCU is not part of the EC-Council Continuing Education (ECE) scheme. To recertify, a candidate must take the exam again
Intended candidates
- Anyone 13 and over who uses a computer for work, study, or play
- End-users
Certified SOC Analyst (CSA)
Certification overview
- Validates a candidate’s comprehensive understanding of the tasks required as a SOC Analyst
- Program focuses on creating new career opportunities for candidates by providing them with in-demand technical skills, knowledge, and enhanced-level capabilities to dynamically contribute to a SOC team
- Candidates seeking certification without official training are required to have 1 year of work experience in information security and must apply for exam eligibility
- Exam consists of 100 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Tier I and Tier II Security Operations Centre Analysts
- Cyber Security Analysts
- Network and Security Administrators
Certified Threat Intelligence Analyst (CTIA)
Certification overview
- Demonstrates that a candidate has the skills to identify and mitigate business risks by converting unknown internal and external threats into quantifiable threat entities and stop them in their tracks
- Candidates seeking certification without official training are required to have 2 years of work experience in information security and must apply for exam eligibility
- Exam consists of 50 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Ethical Hackers
- Digital Forensic and Malware Analysts
- Threat Intelligent Analysts
- Incident Response Team Members
- SOC Professionals
- Security Practitioners, Engineers, Analysts, Architects, and Managers
Computer Hacking Forensics Investigator (CHFI) – ANSI
Certification overview
- Validates that a candidate has the necessary skills to proactively investigate complex security threats, allowing them to investigate, record, and report cybercrimes to prevent future attacks
- Lab-focused, vendor-neutral program
- Candidates seeking certification without official training must have 2 years of work experience in information security and must apply for exam eligibility
- Exam consists of 150 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- IT Managers
- Digital Forensic Service Providers
- Law enforcement personnel
- Defence and Security personnel
- Government Agencies
Digital Forensics Essentials (DFE)
Certification overview
- Entry-level credential helps candidates increase their competency and expertise in digital forensics and information security skills, thereby adding value to their workplace and employer
- No prerequisites
- Exam consists of 75 multiple choice questions
- Valid for 3 years
- DFE is not part of the EC-Council Continuing Education (ECE) scheme. To recertify, a candidate must take the exam again
Intended candidates
- Individuals seeking entry-level cyber security or information security roles
- Help Desk Technicians
- Network Administrators
- Network Technicians
- Computer Support Specialists
EC Council Disaster Recovery Professional (EDRP)
Certification overview
- Validates a candidate’s ability to plan, strategize, implement, and maintain a business continuity and disaster recovery plan
- Candidates seeking certification without official training must have at least 2 years of work experience in information security and must apply for exam eligibility
- Exam consists of 150 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- IT Directors and CISOs
- IT Risk Managers and Consultants
- Business Continuity and Disaster Recovery Consultants
- IT Professionals in Disaster Recovery, Business Continuity, and System Administration domains
EC-Council Certified Encryption Specialist (ECES)
Certification overview
- Entry-level certification that introduces professionals and students to the field of cryptography by learning the foundations of modern symmetric and key cryptography
- Candidates seeking certification without official training must have at least 1 year of related work experience in information security and must apply for exam eligibility
- Exam consists of 50 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Cryptanalysts
- Cryptographers
- Ethical Hackers
- Penetration Testers
EC-Council Certified Incident Handler (ECIH) – ANSI
Certification overview
- Validates that a candidate has the knowledge and skills to effectively handle post breach consequences by reducing impact of the incident from both a financial and reputational perspective
- Specialist-level program
- Candidates seeking certification without official training must have at least 1 year of work experience in information security and must apply for exam eligibility
- Exam consists of 100 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- Risk Assessment Handlers
- System Administrators and Engineers
- Network and IT Managers
- Application Security Engineers
- Cyber Forensic Investigators and Analysts
- SOC Analysts
- Penetration Testers
Ethical Hacking Essentials (EHE)
Certification overview
- Entry-level credential covers ethical hacking and penetration testing fundamentals and prepares learners for a career in cyber security
- No prerequisites
- Exam consists of 75 multiple choice questions
- Valid for 3 years
- ECE is not part of the EC-Council Continuing Education (ECE) scheme. To recertify, a candidate must take the exam again
Intended candidates
- Individuals seeking entry-level cyber security or information security roles
- Help Desk Technicians
- Network Administrators
- Network Technicians
- Computer Support Specialists
Industrial Control Systems and Supervisory Control and Data Acquisitions (ICS/SCADA) Cybersecurity
Certification overview
- Validates a candidate’s knowledge of the foundations of security and ability to defend network architectures from attacks
- Candidates seeking certification without official training are required to have 1 year of work experience in information security and must apply for exam eligibility
- Exam consists of 75 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- System Administrators and Engineers
- SCADA Systems personnel
- Business System Analysts who support SCADA interfaces
- Security Consultants who perform security assessments of SCADA and/or ICS
Industrial Control Systems and Supervisory Control and Data Acquisitions (ICS/SCADA) Cybersecurity
Certification overview
- Validates a candidate’s knowledge of the foundations of security and ability to defend network architectures from attacks
- Candidates seeking certification without official training are required to have 1 year of work experience in information security and must apply for exam eligibility
- Exam consists of 75 multiple choice questions
- Valid for 3 years
- To recertify, you must earn 120 continuing education credits during the 3-year period and pay annual fees
Intended candidates
- System Administrators and Engineers
- SCADA Systems personnel
- Business System Analysts who support SCADA interfaces
- Security Consultants who perform security assessments of SCADA and/or ICS
Network Defense Essentials (NDE)
Certification overview
- Entry-level credential covers the fundamental concepts of information security and network defense, and is ideal for learners aspiring to pursue a career in cyber security
- No prerequisites
- Exam consists of 75 multiple choice questions
- Valid for 3 years
- NDE is not part of the EC-Council Continuing Education (ECE) scheme. To recertify, a candidate must take the exam again
Intended candidates
- Individuals seeking entry-level cyber security or information security roles
- Help Desk Technicians
- Network Administrators
- Network Technicians
- Computer Support Specialists
5.7 Global Information Assurance Certification (GIAC)
GIAC Advanced Smartphone Forensics (GASF)
Certification overview
- Advanced-level certification
- Validates a candidate is qualified to perform forensic examinations on devices such as mobile phones and tablets; and has an understanding of the fundamentals of mobile forensics, device file system analysis, mobile application behaviour, event artifact analysis and the identification and analysis of mobile device malware
- Valid for 4 years
- Exam consists of 75 questions
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Digital Forensic and Malware Analyst
- Cyber Defense Forensic Analysts and Investigators
- Penetration Testers
- Exploit Developers
- Threat Hunters
GIAC Assessing and Auditing Wireless Networks (GAWN)
Certification overview
- Advanced-level certification
- Demonstrates knowledge of the different security mechanisms for wireless networks, the tools and techniques used to evaluate and exploit weaknesses, and techniques used to analyze wireless networks.
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Auditors
- Ethical Hackers
- Penetration Testers
- Network Security Professionals
- Wireless System Engineers
GIAC Certified Detection Analyst (GCDA)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to collect, analyze, and tactically use modern network and endpoint data sources to detect malicious or unauthorized activity
- GCDA certificate holders are qualified for hands-on leadership positions that deal with Security Information and Event Management (SIEM)
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Security Analysts
- Security Architects
- Senior Security Engineers
- Security Operations Centre Engineers and Analysts
- Cyber Threat Investigators
GIAC Certified Enterprise Defender (GCED)
Certification overview
- Advanced-level certification
- Validates a candidate’s knowledges and abilities in the areas of defensive network infrastructure, packet analysis, penetration testing, incident handling, and malware remove
- Exam consists of 115 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Incident Responders
- Penetration Testers
- Security Operations Centre Engineers and Analysts
- Network Security Professionals
GIAC Certified Forensic Analyst (GCFA)
Certification overview
- Advanced-level certification
- Validates that a candidate has the knowledge, skills, and ability to conduct formal incident investigations and handle advanced incident handling scenarios, such as internal and external data breach intrusions or advanced persistent threats.
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Incident Response Team Members
- Security Operations Centre Analysts
- Federal Agents and Law Enforcement Professionals
- Digital Forensics Analysts
GIAC Certified Forensic Examiner (GCFE)
Certification overview
- Intermediate-level certification
- Validates a candidate’s knowledge of computer forensics analysis, including core skills needed to collect and analyze data from Windows systems
- Exam consists of 115 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Information Security professionals
- Law enforcement members
- Digital Forensics and Malware Analysts
- Cyber Defense Forensic Analysts and Investigators
GIAC Certified Incident Handler (GCIH)
Certification overview
- Intermediate-level certification
- Demonstrates one’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills
- Exam consists of 100-150 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Incident Response Team Members
- Cyber Defence Incident Responder
GIAC Certified Intrusion Analyst (GCIA)
Certification overview
- Advanced-level certification
- Validates a candidate’s knowledge of network and host monitoring traffic analysis, and intrusion detection
- Certificate holders are qualified to configure and monitor intrusion detection systems, and to analyze network traffic
- Exam consists of 100-150 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Individuals who are responsible for network and host monitoring, traffic analysis, or intrusion detection
- Threat Hunters
- Security Operations Centre Analysts
- Incident Response team members
GIAC Certified Web Application Defender (GWEB)
Certification overview
- Advanced-level certification
- Demonstrates that a candidate has mastered the security knowledge and skills needed to deal with common web application errors that lead to most security problems.
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Application Developers
- Application Security Analysts
- Application Architects
- Penetration Testers
- Individuals in roles requiring PCI compliance
GIAC Certified Windows Security Administrator (GCWN)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to secure Windows clients and servers, and knowledge of configuring and managing the security of Microsoft operating systems and applications
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Individuals responsible for installing, configuring, and securing Microsoft Windows clients and servers
GIAC Continuous Monitoring Certification (GMON)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to deter intrusions and quickly detect anomalous activity
- Exam consists of 115 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Security Architects
- Security Operations Centre Analysts and Managers
- Technical Security manager
- Security Engineers
GIAC Critical Controls Certification (GCCC)
Certification overview
- Advanced-level certification
- The only certification that is based on the Critical Security Controls, a prioritized, risk-based approach to security.
- Validates a candidate’s knowledge and skills to implement and execute the Critical Security Controls recommended by the Council on Cybersecurity and perform audits based on the standard.
- No prerequisites
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- IT Administrators
- DoD personnel
- Network Security Engineers
- Security Vendors
- Security Auditors, CIOs, and Risk Officers
GIAC Critical Infrastructure Protection (GCIP)
Certification overview
- Advanced-level certification
- Validates a candidate has the knowledge and skills needed to understand the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) regulations and plan practical implementation strategies to achieve regulatory compliance.
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Security Operations Analysts
- Team Leaders and Managers
- Incident Response Analysts
- ICS Cyber Security Practitioners
GIAC Cyber Threat Intelligence (GCTI)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to understand and analyze complex threat analysis scenarios; identify, create, and validate intelligence requirements through threat modelling.
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Incident Response Team members
- Threat Hunters
- Intelligence Analysts
GIAC Defending Advanced Threats (GDAT)
Certification overview
- Advanced-level certification
- Validates that a candidate has advanced knowledge of how adversaries penetrate networks and what security controls are effective to stop them.
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Security Architects
- Security Engineers
- Technical Security Managers
GIAC Defensible Security Architecture (GDSA)
Certification overview
- Advanced-level certification
- Validates that a candidate’s real-world, hands-on skills dealing with network-centric and data-centric approaches to defensible security architecture, hardening applications across the Transmission Control Protocol/Internet Protocol (TSP/IP) stack, and secure environment creation with private, hybrid, or public clouds
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Security Architects
- Network Engineers
- Security Analysts
- Cyber Threat Investigators
- Senior Security Engineers
- Security Analysts
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to find and mitigate significant security flaws in systems and networks
- Exam consists of 55-75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Vulnerability Testers
- Security Analysts
- Vulnerability Assessment Analysts
GIAC Information Security Fundamentals (GISF)
Certification overview
- Introductory-level certification
- Validates a candidate’s knowledge of security’s foundation, computer functions and networking, introductory level cryptography, and cyber security technologies
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Management
- Information Security Officers
- System Administrators
- Professionals who need an introduction to cyber security fundamentals
GIAC Information Security Professional (GISP)
Certification overview
- Intermediate-level certification for Managers and Leaders
- Validates a candidate’s knowledge of the 8 domains of cybersecurity knowledge, asset security, communications and network security, identity and access management, security and risk management, security assessment and testing, security engineering, security operations, and software development security.
- Candidate should have some experience in information systems and networking
- Exam consists of 250 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- System Administrators
- Security Administrators
- Network Administrators
- Security Managers
GIAC Mobile Device Security Analyst (GMOB)
Certification overview
- Advanced-level certification
- Validates a candidate’s to properly secure mobile devices that are accessing vital information
- Demonstrates knowledge of assessing and managing mobile device and application security, and mitigating against malware and stolen devices
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Information Security Analysts
- Penetration Testers
- Ethical Hackers
- Network and System Administrators
GIAC Network Forensic Analyst (GNFA)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to perform examinations employing network forensic artifact analysis
- Exam consists of 50 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Law Enforcement members
- Digital Forensic and Malware Analysts
- Cyber Defence Analysts
- Incident Response team members
- Security Operations Centre team members
GIAC Penetration Tester (GPEN)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to properly conduct a penetration test, using best practice techniques and methodologies
- Exam consists of up to 115 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Penetration Tester
- Exploit Developers
- Network Security personnel
- Ethical Hackers
GIAC Response and Industrial Defence (GRID)
Certification overview
- Advanced-level certification
- Demonstrates that a candidate understands the Active Defence Approach, ICS-specific attacks, and how these attacks inform mitigation strategies
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Industrial Control System Incident Response Team leads and members
- Security Operations Centre Team leads and Analysts
- Active Defenders
GIAC Reverse Engineering Malware (GREM)
Certification overview
- Advanced-level certification
- Validates a candidate’s knowledge and skills to reverse-engineer malware that targets common platforms such as Microsoft Windows and web browsers
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- System and Network Administrators
- Auditors
- Security Managers
- Forensic Investigators
GIAC Security Essentials Certification (GSEC)
Certification overview
- Entry-level certification
- Validates an individual’s knowledge of information security beyond simple terminology and concepts
- Recipients are skilled in active defense, cryptography, security policy and plans, incident handling and securing networks.
- Exam consists of 180 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
GIAC Security Expert (GSE)
Certification overview
- Less than 250 GSE certificate holders in the world
- Validates that a candidate has mastered the wide variety of skills required by top security consultants and practitioners
- Pre-requisites are GSEC, GCIH, GCIA with 2 Gold certifications
- Exam consists of 2 parts: 24 VM-based hands-on questions and a practical lab
- Valid for 4 years
- Recertification requires taking the current version of the exam
- Renewing GSE certification renews all other active GIAC certifications
Intended candidates
- Top Security Consultants and Practitioners
GIAC Security Leadership (GSLC)
Certification overview
- Advanced-level certification for Managers and Leaders
- Validates a candidate’s knowledge of governance and technical controls focused on protecting, detecting, and responding to security issues.
- Exam consists of 115 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Managers/Supervisors of Information Security teams
- IT Managers
GIAC Systems and Network Auditor (GSNA)
Certification overview
- Advanced-level certification for Managers and Leaders
- Validates a candidate’s ability to apply basic risk analysis techniques and to conduct technical audits of essential information systems
- Exam consists of 115 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Technical staff responsible for securing and auditing information systems
- Auditors
- Network Administrators
- Managers of Audit or Security teams
GIAC Web Application Penetration Tester (GWAPT)
Certification overview
- Advanced-level certification
- Validates a candidate’s ability to better secure organizations through penetration testing and thorough understanding of web application security issues.
- Demonstrates knowledge of web applications exploits and penetration testing methodologies
- Exam consists of 75 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Penetration Testers
- Vulnerability Testers
- Security Analysts
- Vulnerability Assessment Analysts
- Ethical Hackers
- Website Designers
Global Industrial Cyber Security Professional (GICSP)
Certification overview
- Advanced-level certification
- Assesses a candidate’s base level of knowledge and understanding across a diverse set of professionals who engineer or support control systems and share responsibility for the security of these environments
- No perquisites
- Exam consists of 115 questions
- Valid for 4 years
- Renewal requires taking the current version of the exam; or obtaining 36 continuing education credits over the 4-year period
Intended candidates
- Security Engineers
- Industry Managers
- Security Analysts
5.8 International Information Systems Security Certification Consortium
Certified Cloud Security Professional (CCSP)
Certification overview
- Co-developed with Cloud Security Alliance (CSA)
- Recognizes IT and information security leaders who have the knowledge and skills with cloud security architecture, design, operations, and service orchestration
- Candidates require a minimum of 5 years work related experience in IT; at least 3 of those years must be in information security and 1 year in one of the 6 domains of CCSP Common Body of Knowledge
- Exam consists of 125 multiple choice questions
- Valid for 3 years
- Recertification requires obtaining 90 continuing education credits during 3-year period
Intended candidates
- Enterprise Architect
- Systems Engineer
- Systems Architect
- Security Administrator
- IT and Information Security Leaders
Certified Information Systems Security Professional (CISSP)
Certification overview
- Advanced-level certification
- Candidates require a minimum of 5-years related work experience in at least 2 of the 8 (ISC)2 common body of knowledge of domains; or 4-years of work experience and a college degree or other approved credential
- Exam consists of 100-150 item computer adaptive testing
- Valid for 3 years
- Recertification requirements include obtaining 120 continuing professional education credits during the 3-year period
- Three concentrations are also available to those possessing valid CISSP certification:
- CISSP-ISSAP (Architecture)
- CISSP-ISSEP (Engineering)
- CISSP-ISSMP (Management)
Intended candidates
- Chief Information Security Officer
- Chief Security Officer
- Security Analyst/Auditor
- Director of Security
- IT Director/Manager
Healthcare Information Security and Privacy Practitioner (HCISPP)
Certification overview
- Validates knowledge and skills to implement, manager, or assess security and privacy controls for healthcare and patient information
- Designed for practitioners and consultants in healthcare information security and privacy
- Candidates require a minimum of 2-years work experience
- Exam consists of 125 multiple choice questions
- Valid for 3 years
- Recertification requires obtaining 60 continuing education credits during the 3-year period
Intended candidates
- Compliance Officer
- Medical Records Supervisor
- Practice Manager
- Information Security Manager
- Health Information Manager
Systems Security Certified Practitioner (SSCP)
Certification overview
- Global IT security certification
- Entry-level certification
- Demonstrates that the holder has the technical skills and knowledge to implement, monitor, and administer an IT infrastructure.
- Designed for practitioners in operational IT roles or in information security
- Candidates must have 1 year of cumulative work experience in one or more of the 7 domains of SSCP Common Body of Knowledge; a 1-year experience waiver will be granted to candidates who hold a bachelor’s or master’s degree in Cyber Security
- Exam consists of 125 multiple choice questions
- Valid for 3 years
- Recertification requires obtaining 60 continuing education credits during the 3-year period
Intended candidates
- Network Security Engineer
- Systems Administrator
- Security Analyst
- Systems/Network Analyst
- Security Consultant
- IT Administrators, Directors, or Managers
5.9 ISACA
Certified Cybersecurity Practitioner (CSX‑P)
Certification overview
- New certification created in 2015
- Recognizes individuals who can act as first responders for security incidents
- The only certification that tests one’s ability to perform globally validated cyber security covering the 5 core functions of the NIST Cyber Security Framework; Identify, Protect, Detect, Respond, and Recover
- Candidates must pass a performance-based exam consisting of simulated security incidents.
- Valid for 3 years
- Recertification requirements include obtaining 120 hours of continuing professional education during 3-year period
Intended candidates
- Security Practitioners
- Incident Handlers
Certified in Risk and Information Systems Control (CRISC)
Certification overview
- Recognizes those who identify, evaluate, and manage risk through the development, implementation, and maintenance of information systems controls
- Candidates must have 3-years of professional-level risk management and control experience, no education substitutes
- Valid for 3 years
- Recertification requirements include obtaining 120 hours of continuing professional education during a 3-year period
Intended candidates
- IT and Business professionals
- Risk and Compliance professionals
- Business Analysts
- Project Managers
- Security directors
Certified Information Security Manager (CISM)
Certification overview
- Management focused certification
- Recognizes candidates who manage, design, oversee, and assess an enterprise’s information security
- Candidates require a minimum of 5-years of information security experience gained within the 10-year period before writing the exam
- Written application is required
- Exam consists of 150 questions / 4 hours long
- Valid for 3 years
- Recertification requirements include obtaining 120 hours of continuing professional education during 3-year period
Intended candidates
- Information security managers and directors
- IT Security Analysts
- Risk Analysts
- IT Auditor
- Information Systems Security Manager
Certified Information Systems Auditor (CISA)
Certification overview
- Globally recognized certification
- Validates a candidate’s audit experience, skills and knowledge, and ability to assess vulnerabilities, report on compliance and institute controls within the enterprise
- Candidates require 5 years of professional information systems (IS) auditing, control or security work experience; some education substitutes
- Exam consists of 150 questions
- Certificate holders are required to take at least 120 hours of continuing education during the 3-year period
Intended candidates
- IS audit control, assurance, and security professionals
5.10 itSM Solutions
NIST Cyber Security Professional (NCSP) Foundation
Certification overview
- Entry-level certification
- Validates that a candidate has the knowledge and ability to operationalize the NIST Cyber Security Framework
- No prerequisites but basic computing skills and security knowledge are recommended
- Exam consists of 40 multiple choice questions
Intended candidates
- Security, IT, Risk Management professionals
- Auditors
- Other professions who need to understand the basics of cyber security, the components of the NIST Cyber Security Framework and how it aligns to risk management
NCSP Practitioner
Certification overview
- Validates a candidate’s skills and abilities to design, build, test, manage, improve a cyber security program based on NCSF
- Candidates must complete the NCSF Foundation training/exam before attempting the exam
- Exam consists of 65 multiple choice questions
Intended candidates
- IT and Cyber Security Professionals
5.11 McAfee Institute
Certified Counterintelligence Threat Analyst (CCTA)
Certification overview
- Validates a candidate’s ability to identify and investigate cyber criminals, conduct cyber counterintelligence investigations to mitigate threats, and investigate and prosecute hackers and cyber criminals
- Prerequisites: Bachelor’s degree or higher and 3 years of experience in a related field, or associate degree and 4 years of experience
- Candidates must pass a background check
- Exam consists of 200 questions
- Valid for 2 years
- To renew, candidates must pay a renewal fee and obtain continuing education credits
Intended candidates
- Individuals in cyber security, law enforcement, loss prevention roles
Certified Cyber Intelligence Investigator (CCII)
Certification overview
- Validates a candidate’s ability to conduct cyber investigations, utilize methodologies to prosecute cyber criminals, apply mobile and digital forensics, recognize fraud and hacking, and develop intelligence gathering.
- Perquisites: Bachelor’s degree or higher and 1 year of experience in a related field, or an associate degree and 2 years of experience
- Candidates must pass a background check
- Exam consists of 200 questions
- Valid for 2 years
- To renew, candidates must pay a renewal fee and obtain continuing education credits
Intended candidates
- Individuals in cyber security, law enforcement, loss prevention roles
Certified Cyber Intelligence Professional (CCIP)
Certification overview
- Validates a candidate’s ability to conduct cyber investigations, utilize methodologies to prosecute cyber criminals, design and implement a cyber program, understand mobile and digital forensics, and recognize fraud and hacking
- Perquisites: Bachelor’s degree or higher and 3 years of experience in a related field, or an associate degree and 4 years of experience
- Candidates must pass a background check
- Exam consists of 200 questions
- Valid for 2 years
- To renew, candidates must pay a renewal fee and obtain continuing education credits
Intended candidates
- Individuals in cyber security, law enforcement, loss prevention roles
Certified Expert in Cyber Investigations (CECI)
Certification overview
- Validates a candidate’s ability to recognize and identify cyber criminals, conduct cyber counterintelligence investigations to mitigate threats, protect an organization’s assets and information, and investigate and prosecute hackers and cybercriminals
- Prerequisites: Bachelor’s degree or higher and 4 years of experience in a related field, or an associate degree and 6 years of experience
- Candidates must pass a background check
- Exam consists of 200 true/false, multiple choice, and scenario-based questions.
- Valid for 2 years
- To renew, candidates must pay a renewal fee and obtain continuing education credits
Intended candidates
- Individuals in cyber security, law enforcement, loss prevention roles
5.12 Offensive Security
Offensive Security Certified Expert (OSCE)
Certification overview
- Demonstrates that a candidate has a mastery of advanced penetration testing skills; analyze, correct, modify, and port exploit code; and craft binaries to evade antivirus software
- Candidates should have prior knowledge of Windows exploitation techniques, Linux experience, and a solid understanding of TCP/IC and networking
- Candidates must complete the Cracking the Perimeter course before attempting exam
- Exam has a 48-hour time limit and consists of hands on penetration testing in an isolated virtual private network (VPN); must also submit a comprehensive test report
Intended candidates
- Penetration Testers
- Security Professionals
Offensive Security Certified Professional (OSCP)
Certification overview
- Validates the knowledge and skills needed to identify vulnerabilities and execute organized attacks in a controlled and focused manner
- Intended for penetration testers with strong technical and ethical hacking backgrounds, and a solid understanding of TCP/IP networking
- Candidates must first complete the Penetration Testing training course
- Certification is hard to obtain due to its notoriously difficult exam
- Candidates must pass a 24-hour exam where they are required to attack and penetrate live machines in a safe lab environment; must also submit a comprehensive penetration test report
- Certification never expires
Intended candidates
- Penetration Testers
- Network Administrators
- Network Security Professionals
Offensive Security Exploitation Expert (OSEE)
Certification overview
- Requires significant time investment
- Validates a candidate’s ability to analyze vulnerable software, find problematic code, develop sophisticated exploits under various modern Windows operating systems
- Candidates should have experience in developing windows exploits and understand how to operate a debugger
- Candidates must complete the Advanced Windows Exploitation course before attempting the exam
- Candidates should obtain OSCE certification first
- Exam consists of developing and documenting exploits during a 72-hour period; must also submit a comprehensive penetration test report
- Certification qualifies the recipient for 40 (ISC)2 continuing education credits
- Certification never expires
Intended candidates
Offensive Security Web Expert (OSWE)
Certification overview
- Validates that a candidate has practical knowledge of web application assessment and hacking process; and ability to review advanced source code in web applications, identify vulnerabilities, and exploit them
- Candidates should have familiarity with coding languages and Linux, ability to write scripts, experience with web proxies, a general understanding of web app attack vectors, theory and practice, and a solid understanding of TCP/IP and networking
- Candidates are required to take the Advanced Web Attacks and Exploitation course before attempting the exam
- 48-hour exam consisting of hands-on web application assessment in an isolated VPN network; successful candidates must also submit an assessment report
- Certification never expires
Intended candidates
- Penetration Testers
- Web Application Security Specialists
- Software Engineers
- Web Developers
Offensive Security Wireless Professional (OSWP)
Certification overview
- Validates a candidate’s ability to identify existing encryptions and vulnerabilities in Institute of Electronic Engineers (IEEE) 802.11 networks, circumvent security restrictions and recover encryption keys in use
- Candidates must have a solid understanding of TCP/IP and the Open Systems Interconnections (OSI) model, familiarity with Linux
- Candidates must complete the Offensive Security Wireless Attacks course before attempting the exam
- 4-hour exam requires that candidate to conduct wireless info gathering, and implement various attacks to get access to the target networks; must also submit a penetration test report
- Certification never expires
Intended candidates
- Network Administrators
- Penetration Testers
Security Operations and Defensive Analysis (OSDA)
Certification overview
- Validates candidates can recognize common methodologies for end-to-end attack chains (MITRE ATT&CK® framework)
- Candidates can conduct guided audits of compromised systems across multiple operating systems
- Candidates will demonstrate ability using a SIEM to identify and assess an attack as it unfolds live
- Validates candidates can manually inspect logs in order to be able to recognize both normal and abnormal or benign and malicious activity
- Certification must be renewed every three years
Intended candidates
- Penetration Testers
- Network Security Professionals
5.13 PECB
Certified Lead Ethical Hacker
Certification overview
- Validates a candidate’s knowledge of information gathering tools and techniques, threat modeling and vulnerability identification, exploitation techniques, reporting, etc.
- Candidates are required to have knowledge of information security concepts and principles and advanced skills in operating systems
- Candidates are required to have 2 years of penetration testing and cyber security experience
- Candidates are required to sign the PECB Code of Ethics and the PECB CLEH Code of Conduct
- 6-hour open book exam consists of 2 parts: the candidate must first compromise 2 or more target machines through penetration testing, then document the process in a written report
- Valid for 3 years
Renewal requirements include demonstrating that you have are still performing tasks related to the certification, meeting the required number of Continuing Professional Development (CPD) credits, and paying the annual maintenance fee
Intended candidates
- Individuals responsible for the security of information systems
- Information Security team members
Computer Forensics Foundation
Certification overview
- Validates a candidate’s knowledge of the fundamental principles and concepts of computer forensics and computer forensics processes
- No prerequisites
- Candidates are required to sign the PECB Code of Ethics
- 1-hour open book exam consists of 5 essay type questions Valid for 3 years
- Renewal requirements include demonstrating that you have are still performing tasks related to the certification, meeting the required number of Continuing Professional Development (CPD) credits, and paying the annual maintenance fee
Intended candidates
- Individuals interested in pursuing a career in Computer Forensics
ISO/IEC 27032 Foundation
Certification overview
- Validates an individual’s knowledge of the fundamental cyber security principles and concepts, and understanding of the approaches, methods, and techniques used in cyber security
- No prerequisites
- Candidates are required to sign the PECB Code of Ethics
- 1 hour exam consists of 40 multiple choice questions
- Valid for 3 years
- Renewal requirements include demonstrating that you have are still performing tasks related to the certification, meeting the required number of Continuing Professional Development (CPD) credits, and paying the annual maintenance fee
Intended candidates
- Cyber security and Information Security professionals
- Individuals interested in pursuing a career in cyber security
ISO/IEC 27032 Lead Cybersecurity Manager
- Certified Provisional
- Certified
- Certified Lead
- Certified Senior Lead
Certification overview
- Validates a candidate’s knowledge of the fundamental principles and concepts of cyber security, roles and responsibilities of stakeholders, cyber security risk management, attack mechanisms and cybersecurity controls, information sharing and coordination, integrating a cyber security program in business continuity management, and cyber security incident management and performance measurement
- Candidates are required to have a fundamental understanding of ISO/IEC 27032 and comprehensive knowledge of cyber security
- Candidates are required to sign the PECB Code of Ethics
- 3-hour open book exam consists of 12 essay type questions
- Candidates who pass the exam can apply for 1 of 4 credentials based on the number of years of work experience, cyber security experience, and total number of hours of cyber security activities
- Valid for 3 years
- Renewal requirements include demonstrating that you have are still performing tasks related to the certification, meeting the required number of Continuing Professional Development (CPD) credits, and paying the annual maintenance fee
Intended candidates
- Cyber security and Information Security Professionals
- Individuals responsible for developing and/or managing a cyber security program
Lead Forensics Examiner
- Certified Provisional
- Certified
- Certified Lead
Certification overview
- Validates a candidate’s knowledge of the fundamental principles and concepts of computer forensics, digital forensics lab requirements, computer crime investigation and forensics examinations, and maintaining chain of evidence
- Candidates are required to have knowledge of computer forensics
- Candidates are required to sign the PECB Code of Ethics
- 3-hour exam open book exam consists of 14 essay type questions
- Candidates who pass the exam can apply for 1 of 3 credentials (based on the number of years of work experience, cyber security experience, and total number of hours of forensics activities
- Valid for 3 years
- Renewal requirements include demonstrating that you have are still performing tasks related to the certification, meeting the required number of Continuing Professional Development (CPD) credits, and paying the annual maintenance fee
Intended candidates
- Computer Forensics specialists and consultants
- Cyber Security professionals
- Cyber Intelligence Analysts
- Law Enforcement professionals
- Electronic Data Analysts
Lead Pen Test Professional
- Certified Provisional
- Certified
- Certified Lead
Certification overview
- Validates a candidate’s knowledge of the fundamental principles and concepts in penetration testing, technical foundation of penetration testing, testing types, and analyzing results and the reporting process
- Candidates are required to have a fundamental understanding of penetration testing and comprehensive knowledge of cyber security
- Candidates are required to sigh the PECB Code of Ethics
- 3-hour exam consists of 150 multiple choice questions
- Candidates who pass the exam can apply for 1 of 3 credentials (based on the number of years of work experience, pen testing experience, and total number of hours of pen testing activities
- Valid for 3 years
- Renewal requirements include demonstrating that you have are still performing tasks related to the certification, meeting the required number of Continuing Professional Development (CPD) credits, and paying the annual maintenance fee
Intended candidates
- IT Professionals
- Auditors
- IT and Risk Mangers
- Penetration Testers
- Ethical Hackers
5.14 SECO Institute
Certified Ethical Hacker (S‑EHE)
Certification overview
- Program is currently being re-designed
Intended candidates
Dark Web Foundations
Certification overview
- Entry-level certification
- Developed by the Netherlands Organisation for Applied Scientific Research in collaboration with the International Criminal Police Organization (INTERPOL)
- Demonstrates that a candidate understands how to use the dark web in a secure way
- Exam consists of 40 multiple choice questions
- Valid for 3 years
Intended candidates
- IT Security Professionals
- Law Enforcement
- Policy makers and Government Officials
Ethical Hacking Foundations (S‑EHF)
Certification overview
- Entry-level certification
- Validates that a candidate has an in-depth understanding of basic penetration testing techniques and possesses fundamental hacking skills
- Exam consists of 40 multiple choice questions
- Valid for life and is not subject to re-certification requirements
Intended candidates
- Web Developers
- Computer Software Engineers
- Security Administrator
- Network Engineer
- Ethical Hackers
Ethical Hacking Leader (S‑EHL)
Certification overview
- Highest achievable qualification in the Ethical Hacking certification track
- Demonstrates that a candidate has excellent penetration testing skills and experience in leading penetration tests
- Candidates must have expert-level knowledge (SECO Expert level certificate or equivalent) and at least 3 years of relevant work experience
- No exam
- Valid for 1 year
- To renew, candidates must pay annual membership fees and obtain 40 continuing education credits during the year
Intended candidates
- Professionals who seek to validate the expertise they have built up through hands-on work experience
Ethical Hacking Practitioner (S‑EHP)
Certification overview
- Validates that a candidate has a full understanding of the penetration testing process and familiarity with common penetration testing techniques
- Candidates should have a good understanding of ethical hacking fundamentals
- S-EHF certificate (or equivalent) is recommended
- 3-part exam: 10 multiple choice questions, 5 essay type questions and 1 case study
- To renew, candidates must pay annual membership fees and obtain 60 continuing education credits over the 3-year period
Intended candidates
- Web Developers
- Security Administrators
- Network Engineers
- Computer Software Engineers
- Aspiring Penetration Testers
IT Security Expert/SOC (S-ITSE/SOC)
Certification overview
- Validates that a candidate has acquired the knowledge and skills necessary to assume responsibility for threat detection, analysis and response, and can improve an organization’s overall security poster
- Candidates should have a basic understanding of TCP/IP, operating system fundamentals and common security concepts, and 2 years of experience in a SOC
- Prerequisite is the S-ITSP or equivalent
- Candidates can choose 1 of 2 specializations: SOC Manager or IT Security Manager
- Valid for 1 year
- To renew, candidates must pay annual membership fees and obtain 120 continuing education credits over the 3-year period
Intended candidates
- Individuals that want to become Tier I/Tier II Soc Analysts
- Future SOC Managers
- System Engineers
- Security Analysts
IT Security Foundation (S‑ITSF)
Certification overview
- Entry-level certification
- Validates that a candidate has a basic understanding of computer architecture, common hardware vulnerabilities and security measures
- No prerequisites and suitable for beginners with basic understanding of computers and technology
- Exam consists of 40 multiple choice questions
- Valid for life and not subject to re-certification requirements
Intended candidates
- Network or System Administrator
- Individuals looking to start a career in IT Security
IT Security Practitioner (S‑ITSP)
Certification overview
- Validates a candidate’s technical competencies in vulnerability management, firewall and network security, security architecture and penetration testing
- Candidates should have a good understanding of fundamental IT security terms, concepts and principle
- IT Security Foundation certificate (or equivalent) is recommended
- Exam includes 10 multiple choice questions, 5 open questions, and 1 case study
- Valid for 1 year
- To renew, candidates must pay annual membership fees and obtain 60 continuing education credits during the year
Intended candidates
- Security Administrators
- Security Analysts
- Security Architects
- Security Auditors
- Future SOC Analysts