An overview of this page

The sheer number of cyber security certifications that have sprung up over the last few years is incredible. Finding them all, finding the one that’s right for you and comparing the various options is difficult, which is why I’ve tried to summarize the majority of the certifications out there into one great big list.

You can click on the links below to take you directly to the following sections:

Cyber Security Certifications Basics

The great big list of cyber security certifications


Cyber Security Certifications Basics

Why become cyber security certified?

Even with a university degree it can be difficult to prove to potential employers that you have the actual cyber security skills they desperately need. More importantly, employers will want you to begin applying those skills immediately without a great deal of supervision or additional training from day one of your employment.

Certification may be a way to overcome this concern for both you and the employer.

Or perhaps you have taken a bit of a non-traditional career path (I actually did my undergrad degree in history and now I’m a cyber security professional so it can happen) and need to ramp up your cyber security credentials but don’t have the time or funds needed to go back and complete a Computer Science BA or Information Security Master’s degree.

Certification again may be a way to overcome these concerns for both you and your employer so you can get the job you want.

I want to start a career in cyber security

If you’ve just graduated the allure of millions of open positions at higher than average starting wages in cyber security makes it a very attractive industry to start your career in. Unfortunately it’s a job where employers value highly specific skills and battle hardened experience over all the stuff you actually have on your resume at this point in your career.

This is one of the most common problems I coach students or recent graduates on: how to land an entry level position that requires 3 to 5 years of experience and demonstrated abilities in specific skills and technologies when you have none of that yet.

What I generally recommend for those new to the industry is to start with entry level certifications such as The Associate of (ISC)² and the CompTIA Security+ (see below for more details on these) to demonstrate a broad understanding of the industry in general. These certification also provide some evidence that you are a self-starter for taking the time and considerable effort to become certified.

I also recommend going online to search for job postings at companies you would like to work for, or general job sites like LinkedIn or Glass Door, and find actual posted positions that would be the perfect job for you. Find 10, maybe 20 or 30 of these and read the requirements closely. What certifications do they recommend or require? Often it’s a CISSP or a specialized industry certification.

Then look for what specific skills like SIEM or vendor products they want you to have experience with. This could be Palo Alto Networks or Cisco etc. While you can’t magically manufacture 3 years of experience in any of these technologies, you can become certified in them much quicker and therefore demonstrate that you have some of the basic skills the employer needs. That might just be enough to get the job.

I want to level up my career with cyber security certification

If you are looking to level up your career, you’re likely familiar with most of the certifications and technologies already listed, and are looking for other more specific or exotic certs to further increase your subject-matter expertise or differentiate yourself for a specific career opportunity.

In this case, I hope this compiled list helps you find what you are looking for. But I’d also certainly appreciate your feedback as an industry veteran on any certifications I’ve missed that might be of interest to others or those who are just getting started in our industry.

What are the different types of certification?

There are many ways to slice and dice a list like this. However, I’ve chosen three categories that in my opinion really define the cyber security certification landscape:

Industry-standard certifications

These certifications are vender neutral and independently administered by accrediting organizations like EC Council, ISACA, GIAC, (ISC)2 and CompTIA,
meaning that they focus on standards, not specific technologies, and provide a broad understanding of one or more areas of cyber security. These are the “generalist” certs.

Specialized skills-based certifications

This category focuses on specific skills, such as auditing, forensics, penetration testing, cloud security and industry vertical skills, such as healthcare or finance and are often administered by the same accrediting organizations or by other very highly niche focused accrediting organizations.

Cyber security vendor certifications

These certifications are designed and administered by the actual manufacturers of security software and equipment. They demonstrate deep practical knowledge in how to implement, support, manage and use their specific technology. Often these are the most valuable and relevant to employers, but they are also the hardest and most expensive to get.

A note on cost and time commitment

Obtaining certifications isn’t cheap or easy. That’s why they are valuable. They are an investment of both time and money and this needs to be taken into consideration when deciding to pursue one or more cyber-security certifications. While taking the actual tests might only cost $100, in some cases this can be deceiving. There are other considerable expenses, such as textbooks, learning materials and actual in-person or online training that is often required in order to pass the certification test.

In some cases, mostly for vendor certifications, you may be required to attend a $2,000 – $3,000 training course as a prerequisite to taking the certification exam, and to provide access to their actual equipment or software. So make sure you take all costs into account when making your decision.

In Conclusion…

Whatever your personal situation may be, becoming certified in several areas and disciplines in cyber security is all about proving you have at least an entry level amount of skill. It’s also about differentiating yourself from the competition when it comes to getting the job you want.


The great big list of cyber security certifications

(ISC)² Certifications

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security.

Associate of (ISC)² – The Associate of (ISC)² allows those just starting out in the information security workforce to demonstrate their competence in the field. Associates have passed a rigorous (ISC)² certification exam, proving their cybersecurity knowledge, and maintaining their continuing professional education (CPE) requirements while working toward completing the experience requirements to become fully certified as a CISSP, SSCP, CCSP, HCISPP, CCFP, CAP or CSSLP.

CISSP® – Certified Information Systems Security Professional – The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.

SSCP – Systems Security Certified Practitioner – The SSCP certification is the ideal credential for those with proven technical skills and practical security knowledge in hands-on operational IT roles. It provides industry-leading confirmation of a practitioner’s ability to implement, monitor and administer IT infrastructure in accordance with information security policies and procedures that ensure data confidentiality, integrity and availability.

CCSP – Certified Cloud Security Professional – Backed by the two leading non-profits focused on cloud and information security, the Cloud Security Alliance (CSA) and (ISC)², the CCSP credential denotes professionals with deep-seated knowledge and competency derived from hands-on experience with cyber, information, software and cloud computing infrastructure security. CCSPs help you achieve the highest standard for cloud security expertise and enable your organization to benefit from the power of cloud computing while keeping sensitive data secure.

HCISPP – HealthCare Information Security and Privacy Practitioner – HCISPPs provide the front-line defense in protecting health information. Backed by (ISC)², a global not-for-profit organization that delivers the gold standard for information security certifications, the HCISPP credential confirms a practitioner’s core knowledge and experience in security and privacy controls for personal health information.

CCFP – Certified Cyber Forensics Professional – The CCFP credential indicates expertise in forensics techniques and procedures, standards of practice, and legal and ethical principles to assure accurate, complete, and reliable digital evidence admissible in a court of law. It also indicates the ability to apply forensics to other information security disciplines, such as e-discovery, malware analysis, or incident response. In other words, the CCFP is an objective measure of excellence valued by courts and employers alike.

CAP – Certified Authorization Professional – The Certified Authorization Professional (CAP) certification is an objective measure of the knowledge, skills and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.

CSSLP – Certified Secure Software Lifecycle Professional – The CSSLP certification validates software professionals have the expertise to incorporate security practices – authentication, authorization and auditing – into each phase of the SDLC, from software design and implementation to testing and deployment

ISACA Information Systems Audit and Control Association Certifications

As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

CISA – Certified Information Systems Auditor -The CISA designation is a globally recognized certification for IS audit control, assurance and security professionals. Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates you are capable to assess vulnerabilities, report on compliance and institute controls within the enterprise.

CISM Certified Information Security Manager – The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages, designs, and oversees and assesses an enterprise’s information security.

CGEIT Certified in the Governance of Enterprise IT – CGEIT recognizes a wide range of professionals for their knowledge and application of enterprise IT governance principles and practices. As a CGEIT certified professional, you demonstrate that you are capable of bringing IT governance into an organization—that you grasp the complex subject holistically, and therefore, enhance value to the enterprise.

CRISC Certified in Risk and Information Systems Control – CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise.

GIAC Global Information Assurance Certifications

GIAC (Global Information Assurance Certification) was founded in 1999 to validate the skills of information security professionals. The purpose of GIAC is to provide assurance that a certified individual has the knowledge and skills necessary for a practitioner in key areas of computer, information and software security. GIAC certifications are trusted by thousands of companies and government agencies, including the United States National Security Agency (NSA).

GSEC Security Essentials – Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GCIH Certified Incident Handler – Incident handlers manage security incidents by understanding common attack techniques, vectors and tools as well as defending against and/or responding to such attacks when they occur. The GCIH certification focuses on detecting, responding, and resolving computer security incidents.

GCIA Certified Intrusion Analyst – GIAC Certified Intrusion Analysts (GCIAs) have the knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files.

GPEN Penetration Tester – The GPEN certification is for security personnel whose job duties involve assessing target networks and systems to find security vulnerabilities. Certification objectives include penetration-testing methodologies, the legal issues surrounding penetration testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.

GWAPT Web Application Penetration Tester – Web applications are one of the most significant points of vulnerability in organizations today. Most organizations have them (both web applications and the vulnerabilities associated with them). Web app holes have resulted in the theft of millions of credit cards, major financial loss, and damaged reputations for hundreds of enterprises. The number of computers compromised by visiting web sites altered by attackers is too high to count. This certification measures and individuals understanding of web application exploits and penetration testing methodology.

GISF Information Security Fundamentals – Proficient infosec administrators can network well on the eighth layer of the OSI model (political) and the material contained in this track will help them to bridge the gap that often exists between managers and system administrators. GISF candidates will learn and be able to demonstrate key concepts of information security including: understanding the threats and risks to information and information resources, identifying best practices that can be used to protect them, and learning to diversify our protection strategy.

GCED Certified Enterprise Defender – The GCED builds on the security skills measured by the GSEC (no overlap). It assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole. Knowledge, skills and abilities assessed are taken from the areas of Defensive Network Infrastructure, Packet Analysis, Penetration Testing, Incident Handling, and Malware Removal.

GCWN Certified Windows Security Administrator – GIAC Certified Windows Security Administrators (GCWNs) have the knowledge, skills and abilities to secure Microsoft Windows clients and servers, including technologies such as PKI, IPSec, Group Policy, AppLocker, and PowerShell.

GICSP Global Industrial Cyber Security Professional – The GICSP bridges together IT, engineering and cyber security to achieve security for industrial control systems from design through retirement. This unique vendor-neutral, practitioner focused industrial control system certification is a collaborative effort between GIAC and representatives from a global industry consortium involving organizations that design, deploy, operate and/or maintain industrial automation and control system infrastructure. GICSP will assess a base level of knowledge and understanding across a diverse set of professionals who engineer or support control systems and share responsibility for the security of these environments.

GXPN Exploit Researcher and Advanced Penetration Tester – Security personnel whose job duties involve assessing target networks, systems and applications to find vulnerabilities. The GXPN certifies that candidates have the knowledge, skills, and ability to conduct advanced penetration tests, how to model the abilities of an advanced attacker to find significant security flaws in systems, and demonstrate the business risk associated with these flaws.

GAWN Assessing and Auditing Wireless Networks – The GAWN certification is designed for technologists who need to assess the security of wireless networks. The certification focuses on the different security mechanisms for wireless networks, the tools and techniques used to evaluate and exploit weaknesses, and techniques used to analyze wireless networks. Students will not only gain experience using tools to assess wireless networks, they will understand how the tools operate and the weaknesses in protocols that they evaluate.
GCUX Certified UNIX Security Administrator – GIAC Certified UNIX System Administrators (GCUXs) have the knowledge, skills and abilities to secure and audit UNIX and Linux systems.

GMOB Mobile Device Security Analyst – Mobile phones and tablets continue to demonstrate their usefulness and importance in enterprises and government offices. With the amount of sensitive data that can be accessed on these devices and their lack of security, mobile devices are enticing targets for nefarious attackers. The GMOB ensures that the people charged with protecting systems and networks know how to properly secure the mobile devices accessing vital information.

GMON Continuous Monitoring Certification – Preventing all intrusions is impossible, but early detection is a must for the security of your enterprise. The proper use of Defensible Security Architecture, Network Security Monitoring (NSM)/Continuous Diagnostics and Mitigation (CDM)/ Continuous Security Monitoring will support the hindrance of intrusions and allow for early detection of anomalous activity.

GCCC Critical Controls Certification – GIAC Critical Controls Certification (GCCC) is the only certification based on the Critical Security Controls, a prioritized, risk-based approach to security. This certification ensures that candidates have the knowledge and skills to implement and execute the Critical Security Controls recommended by the Council on Cybersecurity, and perform audits based on the standard.

GPYC Python Coder – A professional that can create and modify custom tools is a valuable member of any information security team. Code developers with information security skills can customize tools to their environment, create tools for the information security community, increase productivity by automating previously manual tasks, simulate advanced attacks, and more. The GPYC certification focuses on applying core programming concepts and techniques to the Python programming language. The certification has a special focus on skills and techniques that will assist an information security professional in penetration tests, daily work, and special projects. Certified individuals can create simple Python-based tools to interact with network traffic, create custom executables, test and interact with databases and websites, and parse logs or sets of data.

GRID Response and Industrial Defense – The necessity of identifying and protecting critical infrastructure, be it a public utility, a commercial manufacturing facility, or any other type of Industrial Control System (ICS), has moved from what once was a little-known topic to one that is a top priority for many organizations. Their very critical and unique challenges demand a specific approach and informed understanding to secure ICS-releated assets and respond to the incidents they face.

EC-Council Certifications

Iternational Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 200,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

CND Certified Network Defender – CND is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and responsibilities and the Department of Defense (DoD) job roles for system/network administrators. The course is designed and developed after extensive market research and surveys.

CEH Certified Ethical Hacker – This is the worlds most advanced certified ethical hacking course with 18 of the most current security domains any individual will ever want to know when they are planning to beef up the information security posture of their organization. In 18 comprehensive modules, the course covers 270 attack technologies, commonly used by hackers. The goal of this course is to help you master an ethical hacking methodology that can be used in a penetration testing or ethical hacking situation. You walk out the door with ethical hacking skills that are highly in demand, as well as the internationally recognized Certified Ethical Hacker certification! This course prepares you for EC-Council Certified Ethical Hacker exam 312-50.

ECSA Certified Security Analyst – The ECSA penetration testing course provides you with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.

CHFI Computer Hacking Forensic Investigator Certification – Digital forensic practices stem from forensic science, the science of collecting and examining evidence or materials. Digital or computer forensics focuses on the digital domain including computer forensics, network forensics, and mobile forensics. As the cyber security profession evolves, organizations are learning the importance of employing digital forensic practices into their everyday activities. Computer forensic practices can help investigate attacks, system anomalies, or even help System administrators detect a problem by defining what is normal functional specifications and validating system information for irregular behaviors.

ECES Certified Encryption Specialist – The EC-Council Certified Encryption Specialist (ECES) program introduces professionals and students to the field of cryptography. The participants will learn the foundations of modern symmetric and key cryptography including the details of algorithms such as Feistel Networks, DES, and AES.

LPT Licensed Penetration Tester (Master) Credential – To earn the prestigious EC-Council LPT (Master) Credential, you must successfully pass our most challenging practical exam available. The LPT (Master) practical exam is the capstone to EC-Council’s entire information security track; from the Certified Ethical Hacker Program (C|EH) to theEC-Council Certified Security Analyst (E|CSA) Program. It all culminates with the ultimate test of your career as a penetration tester – the Licensed Penetration Tester practical exam.

CSCU Certified Secure Computer User – The purpose of the CSCU training program is to provide individuals with the necessary knowledge and skills to protect their information assets. This class will immerse students into an interactive environment where they will acquire a fundamental understanding of various computer and network security threats such as identity theft, credit card fraud, online banking phishing scams, virus and backdoors, emails hoaxes, sex offenders lurking online, loss of confidential information, hacking attacks and social engineering. More importantly, the skills learned from the class helps students take the necessary steps to mitigate their security exposure.

ECIH Certified Incident Handler – The EC-Council Certified Incident Handler (ECIH) program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and various laws and policies related to incident handling. After attending this course, they will be able to create incident handling and response policies as well as deal with various types of computer security incidents.

ECSP Certified Secure Programer .NET – The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET Framework. It is designed for developers who have .NET development skills.

ECSP Certified Secure Programer JAVA – The ECSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with Java. It is designed for developers who have Java development skills.

ECSS Certified Security Specialist – EC-Council Certified Security Specialist (ECSS) allows students to enhance their skills in three different areas namely information security, network security, and computer forensics.

EDRP Disaster Recovery Professional – This IT disaster recovery course takes an enterprise-wide approach to developing a disaster recovery plan. Students will learn how to create a secure network by putting policies and procedures in place, and how to restore a network in the event of a disaster.

CCISO Certified CISO Certification – The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

CompTIA Certifications

The Computing Technology Industry Association (CompTIA) is the leading provider of vendor-neutral IT certifications in the world.

For more than 20 years, CompTIA has developed training and certification exams for computing support, networking, security, open-source (Linux) development, cloud and mobility. Our regular review and updates of exams ensure that CompTIA certifications continue to address the needs of today’s technology challenges.

CompTIA is a non-profit trade association serving as the voice of the information technology industry. Through professional certifications, educational programs, research, networking events, philanthropy and public policy advocacy, CompTIA is dedicated to helping advance the IT industry.

CompTIA A+ – IT success stories start with CompTIA A+ certification. It validates understanding of the most common hardware and software technologies in business and certifies the skills necessary to support complex IT infrastructures. CompTIA A+ is a powerful credential that helps IT professionals worldwide ignite their IT career. CompTIA A+ 220-902 covers installing and configuring operating systems including Windows, iOS, Android, Apple OS X and Linux. It also addresses security, the fundamentals of cloud computing and operational procedures.

CompTIA Network+ – CompTIA Network+ is a vendor neutral networking certification that is trusted around the world. It validates the essential knowledge and skills needed to confidently design, configure, manage and troubleshoot any wired and wireless networks. CompTIA Network+ certified individuals are in-demand worldwide. CompTIA Network+ covers the configuration, management, and troubleshooting of common wired and wireless network devices. Also included are emerging technologies such as unified communications, mobile, cloud, and virtualization technologies.

CompTIA Security+ – CompTIA Security+ is the certification globally trusted to validate foundational, vendor-neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management. CompTIA Security+ certification covers network security, compliance and operation security, threats and vulnerabilities as well as application, data and host security. Also included are access control, identity management, and cryptography.

CompTIA CSA+ – CompTIA Cybersecurity Analyst (CSA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CSA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats. The CompTIA Cybersecurity Analyst (CSA+) certification verifies that successful candidates have the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization, with the end goal of securing and protecting applications and systems within an organization.

CompTIA CSAP Advanced Security Practitioner – CompTIA Advanced Security Practitioner (CASP) meets the growing demand for advanced IT security in the enterprise. Recommended for IT professionals with at least 5 years of experience, CASP certifies critical thinking and judgment across a broad spectrum of security disciplines and requires candidates to implement clear solutions in complex environments. CASP covers enterprise security, risk management and incident response, research and analysis, integration of computing, communications and business disciplines as well as technical integration of enterprise components.

IAPP The International Association of Privacy Professionals

The IAPP is the largest and most comprehensive global information privacy community and resource. Founded in 2000, the IAPP is a not-for-profit organization that helps define, support and improve the privacy profession globally.

CIPP Certified Information Privacy Professional – The Certified Information Privacy Professional (CIPP) helps organizations around the world bolster compliance and risk mitigation practices, and arms practitioners with the insight needed to add more value to their businesses.

CIPM Certified Information Privacy Manager – The CIPM designation says that you’re a leader in privacy program administration and that you’ve got the goods to establish, maintain and manage a privacy program across all stages of its lifecycle. The CIPM is the world’s first and only certification in privacy program management. When you earn a CIPM, it shows that you don’t just know privacy regulations—you know how to make it work for your organization. In other words, you’re the go-to person for day-to-day operations when it comes to privacy.

CIPT Certified Information Privacy Technologist – The CIPT credential shows you’ve got the knowledge to build your organization’s privacy structures from the ground up. With regulators worldwide calling for tech professionals to factor data privacy into their products and services, the job market for privacy-trained IT pros has never been stronger. The CIPT is the first and only certification of its kind worldwide. It was launched by the IAPP in 2014 to meet the growing need that only tech pros can fill—securing data privacy at all stages of IT product and service lifecycles.

Offensive Security Certifications

Offensive Security is the leader in performance-based information security training and attack simulations. Additionally, Offensive Security is the creator of industry standard tools such as the Kali Linux penetration testing platform and The Exploit Database, the largest collection of publicly released exploits online.

OSCP Offensive Security Certified Professional – The Offensive Security Certified Professional (OSCP) is the companion certification for our Penetration Testing with Kali Linux training course and is the world’s first completely hands-on offensive information security certification. The OSCP challenges the students to prove they have a clear and practical understanding of the penetration testing process and life-cycle through an arduous twenty-four (24) hour certification exam. An OSCP has demonstrated their ability to be presented with an unknown network, enumerate the targets within their scope, exploit them, and clearly document their results in a penetration test report.

OSWP Offensive Security Wireless Professional – The Offensive Security Wireless Professional (OSWP) is the only practical wireless attacks certification in the security field today. The OSWP challenges the students to prove they have the practical ability to perform 802.11 wireless audits using open source tools through a hands-on, four-hour certification exam. The OSWP exam consists of several dedicated wireless networks with various configurations and vulnerabilities. The examinees are tasked with identifying, analyzing, and attacking each of the wireless networks presented to them, with the goal of gaining access to the network encryption keys. The student must submit the correct encryption codes for all networks, as well as the attack vectors used to obtain them in order to be awarded the OSWP certification.

OSCE Offensive Security Certified Expert – The OSCE is an ethical hacking certification and stands for the Offensive Security Certified Expert. This certification is designated to students who take and successfully pass the Cracking the Perimeter (CTP) exam. This is a hands-on ethical hacking course designed by and for professional penetration testers. The Offensive Security Certified Expert (OSCE) has an extremely challenging exam wherein students are required to demonstrate that they comprehend not only the material directly covered in the CTP course, but that they also fully grasp the underlying concepts presented throughout the course and can apply them in unknown situations. The OSCE exam challenges the students to prove that they have a clear and practical understanding of advanced penetration testing skills through an arduous forty-eight hour certification exam. The OSCE exam consists of a dedicated vulnerable network, which is designed to be compromised within a 48-hour time period. The exam is entirely hands-on and is completed with the examinee submitting an in-depth penetration test report of the OSCE examination network. The coveted OSCE certification is awarded to students who successfully gain administrative access to systems on the target network.

OSEE Offensive Security Exploitation Expert – The Offensive Security Exploitation Expert (OSEE) is the companion certification to the extremely demanding Advanced Windows Exploitation (AWE) course. The OSEE certification thoroughly assesses not only the students understanding of the course content, but also their ability to think laterally and adapt to new challenges. The OSEE exam labs are configured with a limited number of Windows target systems with software containing specific unknown vulnerabilities for which the student must develop exploits. In this extremely challenging exam, the student is provided with 72 hours in order to develop their exploits and fully document the steps taken.

OSWE Offensive Security Web Expert – The Offensive Security Web Expert (OSWE) is an entirely hands-on web application penetration testing security certification. The OSWE challenges the students to prove they have a clear and practical understanding of the web application assessment and hacking process through a challenging twenty four (24) hour certification exam. The OSWE exam consists of a remotely-hosted dedicated vulnerable network, which is designed to be compromised within a 24-hour time period. The exam is entirely hands-on and is completed with the candidate submitting an in-depth penetration test report of the OSWE network consisting of the steps required to exploit each application. The coveted OSWE certification is awarded to students who successfully gain administrative access to systems on the vulnerable network.

McAfee Institute Certifications

McAfee Institute is an eLearning organization that empowers professionals with real-world applicable training to enhance their professional credentials and skill sets. We provide online courses, board certifications, and micro degrees in the areas of Cyber Investigations, Intelligence, Cyber Security, eCommerce Fraud, Loss Prevention, Fraud, Cyber Crime, Human Trafficking, Deception Detection & more.

CCTA Certified Counterintelligence Threat Analyst – A Cyber Counterintelligence Analyst works at all levels of the federal government which include FBI, NSA, CIA, USS, DOD, and DEA. CCTA’s also work at large multi-national corporations as well protecting organizations from the theft of proprietary information, trade secrets, assets, merchandise, customer information and more. The CCTA® credential and designation is a game changer for the industry and your career!

CCII Certified Cyber Intelligence Investigator – The CCII is the leading industry certification for law enforcement, loss prevention, private investigators, and fraud professionals.The skills that you will learn by studying for the CCII will help you conduct cyber investigations and critical intelligence gathering missions quicker than ever before, with more accuracy. You will learn how to identify your person of interest, conduct timely cyber investigations, and methodologies to prosecute cyber criminals regardless of their location. You will learn topics such cyber investigations, mobile & digital forensics, e-commerce fraud, auction fraud, hacking, intelligence gathering, social media investigation methodologies, legal fundamentals and more!

CCIP Certified Cyber Intelligence Professional – The CCIP is the leading industry certification for law enforcement, loss prevention, private investigators, and fraud professionals. The skills that you will learn by studying for the CCIP will help you conduct and manage cyber investigations and critical intelligence gathering missions quicker than ever before, with more accuracy. You will learn how to identify your person of interest, conduct timely cyber investigations, and methodologies to prosecute cyber criminals regardless of their location. Most importantly you will learn how to design, implement and manage a cyber program and team within your organization, agency or department as well. You will learn topics such cyber investigations, mobile & digital forensics, e-commerce fraud, auction fraud, hacking, intelligence gathering, social media investigative methodologies, legal fundamentals and more!

CCIE Certified Cyber Investigative Expert – This is an exciting online Professional Board Certification focused on enhancing your skill sets as a “Cyber Investigations Expert” which takes a blended learning approach of self-study, live interactions, and instructor lead investigative exercises that will help you to learn how to conduct successful cyber investigations with effective new concepts to prosecute the guilty.

CTFI Certified Cyber Threat Forensic Investigator – The Cyber-Threat Forensic Investigator (CTFI): provides students the essential domain knowledge required to serve in decision-making roles throughout the cyber-security industry. Students will learn how to analyze cyber-security risks, develop appropriate protection & response options, and assess operational requirements for government, military, critical infrastructure, retail and commercial missions. Upon completing the board certification, students will possess advanced knowledge of the strategy, policy, investigation, intelligence, prosecution and analytic aspects of cyber-security, enabling them to fill critical roles in operational cyber-security investigative missions supporting both retail and governmental entities.

CEFI Certified Ecommerce Fraud Investigator – For those professionals in law enforcement, intelligence, loss prevention, fraud, IT, and investigations wanting to elevate their career to the next level with an emphasis on eCommerce fraud, investigation, prosecution, and program development. CEFI’s are skilled in eCommerce fraud investigation management, online fraud identification, auction & classified investigations, digital evidence collection, developing reports, prosecution and testimony to validate findings in a global environment.

CFHI Certified Forensic Hi-Tech Investigator – The industry’s Most Elite Computer and Mobile Forensic Investigators that are trained in advanced and state of the art methodologies designed to help identify, investigate and prosecute the most sophisticated types of computer crimes known to man. This Professional Board Certification program focuses on enhancing your skill sets as a “Hi-Tech Forensic Expert” which takes a blended learning approach of self-study, live interactions, and instructor led labs that will help you to learn how to conduct successful computer forensic investigations with powerful new concepts to prosecute the guilty.

CHTI Certified Human Trafficking Investigator – The Board Certified Human Trafficking Investigator (CHTI®) designation is awarded to Human Trafficking practitioners who have proven expertise and proficiency in human trafficking investigation management, intelligence gathering, digital evidence collection, interview, and interrogation, developing reports and testimony to validate findings. The CHTI® is evidence of an expert skill set in Human Trafficking investigations.This is the most sought after certification in the industry for those professionals in law enforcement wanting to elevate their career to the next level with an emphasis in human trafficking. The CHTI® credential is premier credential in the industry and is taught by world class professionals which will teach you everything you need to know to be highly effective in combating the global issue of human trafficking.

CORCI – Certified Organized Retail Crime Investigator – The Organized Retail Crime Investigator (CORCI™) Board Certification is the industry’s leading certification that focuses on the identification, investigation, and prosecution of Organized Retail Crime. Join the ranks of the industry’s best, Organized Retail Crime Investigators today and establish your expertise and credibility by earning your CORCI™ credential and designation.

CPCI Certified Professional Criminal Investigator – The Certified Professional Criminal Investigator (CPCI) program which is the industry’s premier board certification focused on criminal investigations. The responsibilities of today’s law enforcement and investigators within all industries are complex and challenging.The CPCI equips criminal investigators around the world with the most advanced knowledge and skill sets required to be successful in their role. In today’s changing climate, criminal investigators are faced with a multitude of situations. Beyond traditional investigation methodologies, criminal investigators around the world must now be experts in cyber investigations, corruption, terrorism, fraud, human behavior, interview and interrogation and more, to ensure the investigator is fully-equipped with the skill sets needed to meet the rigorous demands of the environments in which they will be working.

SMIA Certified Social Media Intelligence Analyst – The SMIA Online Board Certification will keep you on the edge of your seat teaching you the most advanced and state-of-the-art intelligence and investigative methodologies employed by our nation’s most elite cyber investigators! We are taking over 25 years of hands-on experience from the Federal, State and Local Law Enforcement Levels and Military Intelligence Sectors conducting social media investigations and sharing with you, our insights into what contributes to their success and failures.

WVTS Certified Workplace Violence and Threat Specialist – Active shooter scenarios and workplace violence situations unfold quickly leaving the employees vulnerable with little time to respond and mitigate the event. More Americans are murdered at work than die at work from any other cause. OSHA reports 1,000 workplace homicides per year and when adjusted for estimated incidents not reported to OSHA exceeds 1,500 per year. OSHA estimates assaults in the workplace at 2 million per year with other estimates as high as 10 million per year. OSHA estimates sexual assaults in the workplace at 51,000 per year with other estimates as high as 500,000 per year.

ELBC Executive Leadership Board Certification – The Board Certification in Executive Leadership teaches you how to become an influential leader that delivers extraordinary results and gives you the strategic insights, personal leadership skills, and powerful network to accelerate your career.

Mile 2 Cyber Security Certifications

Mile2 is a developer of proprietary vendor neutral cyber security certifications which are accredited by NSA’s CNSS 4011-4016. Mile2’s courses are approved on Homeland’s Security NICCS training schedule and is on the FBI’s preferred cyber security certification requirements. Mile2® administers its certification exams through the MACS (Mile2 Assessment and Certification System) system.

C)ISSO Certified Information Systems Security Officer
C)PTE Certified Penetration Testing Engineer
C)PTC Certified Penetration Testing Consultant
C)DRE Certified Disaster Recovery Engineer
C)DFE Certified Digital Forensics Examiner
C)NFE Certified Network Forensics Examiner
C)SWAE Certified Secure Web Applications Engineer
C)IHE Certified Incident Handling Engineer
C)WSE Certified Wireless Security Engineer
C)SS Certified Security Sentinel
C)VA Certified Vulnerability Assessor
C)SLO Certified Security Leadership Officer
C)PEH Certified Professional Ethical Hacker
C)ISSM Certified Information Systems Security Manager
C)ISSA Certified Information Systems Security Auditor
C)ISRM Certified Information Systems Risk Manager
ISCAP Information Systems Certification and Accreditation Professional
C)SP Certified Security Principles
C)SAP Certified Security Awareness Principles
C)VE Certified Virtualization Engineer
C)VSE Certified Virtualization Security Engineer
C)CSC Certified Cloud Security Consultant
C)VDE Certified Virtual Desktop Engineer
C)ISS Certified IPv6 Security Specialist
C)VFE Certified Virtualization Forensics Examiner
C)PCE Certified PowerCLI Engineer
C)VP Certified Virtualization Principles
C)CSO Certified Cloud Security Officer
C)ISMS-LA Certified Information Security Management Systems Lead Auditor
C)ISMS-LI Certified Information Security Management Systems Lead Implementer

Certified Wireless Network Professionals Certifications

Certified Wireless Network Professional (CWNP) is the IT industry standard for vendor neutral enterprise Wi-Fi certification and training.

Founded in 1999, we offer high-stakes, proctored certification exams focused on 802.11 wireless networking technologies, with four levels of expertise across six separate career certifications. Further, CWNP maintains a presence in over 150 countries and centers with Authorized CWNP Learning Centers that provide hands-on information technology training to those seeking a CWNP certification.

CWTS® – Certified Wireless Technology Specialist is an entry level certification for sales professionals, project managers, and networkers who are new to enterprise Wi-Fi. Learn what Wi-Fi is before you learn how it works. CWTS is a lifetime certification.

CWNA® – Certified Wireless Network Administrator is an administrator level career certification for networkers who are in the field and need to thoroughly understand RF behavior, site surveying, installation, and basic enterprise Wi-Fi security. CWNA is where you learn how RF and IP come together as a Wi-Fi network. The CWNA certification is valid for 3 years.

CWSP® – Certified Wireless Security Professional is a professional level certification for network engineers who seek to establish their expertise in enterprise Wi-Fi security. Contrary to popular belief, enterprise Wi-Fi can be secure, if the IT pros installing and configuring it understand how to secure the wireless network. You must have a current CWNA credential to take the CWSP exam. The CWSP certification is valid for 3 years.

CWDP® – Certified Wireless Design Professional is a professional level career certification for networkers who are already CWNA certified and have a thorough understanding of RF technologies and applications of 802.11 networks. The CWDP curriculum prepares WLAN professionals to properly design wireless LANs for different applications to perform optimally in different environments. You must have a current CWNA credential to take the CWDP exam. The CWDP certification is valid for 3 years.

CWAP® – Certified Wireless Analysis Professional is a professional level career certification for networkers who are already CWNA certified and have a thorough understanding of RF technologies and applications of 802.11 networks. The CWAP curriculum prepares WLAN professionals to analyze, troubleshoot, and optimize any wireless LAN. You must have a current CWNA credential to take the CWAP exam. The CWAP certification is valid for 3 years. The CWAP exam is available at all Pearson VUE Testing Centers worldwide.

CWNE® – Certified Wireless Network Expert is an expert level Wi-Fi certification for the most elite Wi-Fi professionals. Do you have what it takes to be recognized as an expert in enterprise Wi-Fi? If so, start here.

CWNT® – Certified Wireless Network Instructor Leverage your Wi-Fi and networking expertise and IT instruction experience to teach official authorized CWNP classes. CWNP Learning Centers must employ or contract a CWNT to teach any authorized CWNP training class.

IACRB Information Assurance Certification Review Board Certifications

All certifications offered by the IACRB are composed of a traditional multiple choice exam, as well as a hands-on practical exam. The goal of this two step process is to determine if a certification candidate possesses the required knowledge of theories and concepts. Additionally, the second step is designed to rigorously test the ability of the candidate to perform job relevant, hands-on technical skills related to information assurance.

CEPT Certified Expert Penetration Tester
CASS Certified Application Security Specialist
CSSA Certified SCADA Security Architect
CREA Certified Reverse Engineering Analyst
CPT Certified Penetration Tester
CDRP Certified Data Recovery Professional
CCFE Certified Computer Forensics Examiner

Center for Development of Security Excellence Certifications

The Center for Development of Security Excellence (CDSE) is a nationally accredited, award-winning directorate within the Defense Security Service (DSS) located in Linthicum, MD. CDSE provides security education, training, and certification products and services to a broad audience supporting the protection of National Security and professionalization of the DoD security enterprise.

SFPC Security Fundamentals Professional Certification
SAPPC Security Asset Protection Professional Certification
SPIPC Security Program Integration Professional Certification
SPSC Special Program Security Certification
ISOC Industrial Security Oversight Certification
PSC Physical Security Certification
APC Adjudicator Professional Certification
DPAPC Due Process Adjudicator Professional Credential