In the computer security or Information security fields, there are a number of tracks a professional can take to demonstrate qualifications.[Notes 1] Four sources categorizing these, and many other credentials, licenses, and certifications, are:
- Schools and universities
- Vendor-sponsored credentials (e.g. Microsoft, Cisco)
- Association- and organization-sponsored credentials
- Governmental (or quasi-governmental) licenses, certifications, and credentials
Quality and acceptance vary worldwide for IT security credentials, from well-known and high-quality examples like a master's degree in the field from an accredited school, CISSP, and Microsoft certification, to a controversial list of many dozens of lesser-known credentials and organizations.
In addition to certification obtained by taking courses and/or passing exams (and in the case of CISSP and others noted below, demonstrating experience and/or being recommended or given a reference from an existing credential holder), award certificates also are given for winning government, university or industry-sponsored competitions, including team competitions and contests.
Certifying organizations
Vendor-neutral
- Altered Security
- ASIS International
- APMG International
- Blockchain Council
- Blockchain Training Alliance
- CCC
- CertNexus
- CompTIA
- CREST
- Crypto Consortium
- Cloud Security Alliance (CSA)
- CWNP
- CyberDefenders
- Cyber Struggle
- EC Council
- EITCA/IS
- eLearnSecurity
- EXIN
- GAQM
- GIAC
- HISPI
- InfoSec Institute
- IBITGQ
- TCM Security
- The IIA
- IAPP
- ISACA
- ISECOM
- ISC2
- Linux Professional Institute (LPI)
- Lunarline
- McAfee Institute
- Mile2
- Offensive Security
- PECB
- The Open Group
- SECO-Institute
- SABSA
- Star Certification
- Zero-Point Security
- EC First
Vendor-specific
List of certifications
Vendor-neutral[Notes 2]
Issuing Organization | Credential abbreviation | Certification Title | Focus | Validity duration | Number issued |
---|---|---|---|---|---|
Altered Security | CRTP | Certified Red Team Professional | Red Teaming | 3 years | N/A |
CRTE | Certified Red Team Expert | Red Teaming | 3 years | N/A | |
CRTM | Certified Red Team Master | Red Teaming | 3 years | N/A | |
CARTP | Certified Azure Red Team Professional | Red Teaming | 3 years | N/A | |
CAWASP | Certified Azure Web Application Security Professional | Application Security | 3 years | N/A | |
(ISC)2 | S-ITSF | IT-Security Foundation | General Cyber Security | 3 years | N/A |
S-ITSP | IT-Security Practitioner | General Cyber Security | 3 years | N/A | |
S-ITSE | IT-Security Expert | General Cyber Security | 3 years | N/A | |
S-CITSO | Certified IT-Security Officer | General Cyber Security | 3 years | N/A | |
S-DPF | Data Protection Foundation | Privacy | No expiration[1] | N/A | |
S-DPP | Data Protection Practitioner | Privacy | 1 year[2] | N/A | |
S-CDPO | Certified Data Protection Officer | Privacy | 3 years | N/A | |
S-EHF | Ethical Hacking Foundation | Penetration Testing | 3 years | N/A | |
S-EHP | Ethical Hacking Practitioner | Penetration Testing | 3 years | N/A | |
S-SPF | Secure Programming Foundation | Software Development | 3 years | N/A | |
S-DWF | Dark Web Foundation | Threat Intelligence | 3 years | N/A | |
CC | Certified in CyberSecurity | IT-Administration | 3 years (continuously) | N/A | |
CISSP | Certified Information Systems Security Professional | Management | 3 years (continuously)[3] | 127,734[4] | |
CISSP-ISSAP | Information Systems Security Architecture Professional | Security Architecture | 3 years (continuously)[5] | 1,952[6] | |
CISSP-ISSEP | Information Systems Security Engineering Professional | IT-Administration | 3 years (continuously)[5] | 1,147[6] | |
CISSP-ISSMP | Information Systems Security Management Professional | Management | 3 years (continuously)[5] | 1,196[6] | |
SSCP | Systems Security Certified Practitioner | IT-Administration | 3 years (continuously)[7] | 4,319[6] | |
CCSP | Certified Cloud Security Professional | Cloud Security | 3 years (continuously)[8] | 3,549[6] | |
CAP | Certified Authorization Professional | Auditing | 3 years (continuously)[9] | 2,671[6] | |
CSSLP | Certified Secure Software Lifecycle Professional | Software Development | 3 years (continuously)[10] | 2,214[6] | |
CompTIA | Security+ | CompTIA Security+ [11] | IT-Administration | 3 years[12] | N/A |
CySA+ | CompTIA Cyber Security Analyst | Security Analysis | 3 years[13] | N/A | |
PenTest+ | CompTIA Pentest+ | Penetration Testing | 3 years[14] | N/A | |
CASP+ | CompTIA Advanced Security Practitioner | General Cyber Security | 3 years[15] | N/A | |
ISACA | CISA | Certified Information Systems Auditor | Auditing | 3 years | 115,000[16] |
CISM | Certified Information Security Manager | Management | 3 years | 27,000[16] | |
CRISC | Certified In Risk and Information Systems Control | Risk Management | 3 years | 18,000[16] | |
CGEIT | Certified in the Governance of Enterprise IT | Management | 3 years | 6,000[16] | |
CSX-F | Cyber Security Fundamentals | General Cyber Security | 3 years | N/A | |
CSX-T | Cyber Security Technical Foundations | General Cyber Security | 3 years | N/A | |
CSX-P | Cyber Security Practitioner | General Cyber Security | 3 years | N/A | |
CSX-A | Cyber Security Audit | Auditing | 3 years | N/A | |
CDPSE | CERTIFIED DATA PRIVACY SOLUTIONS ENGINEER | Data Priavcy | 3 years | N/A | |
GIAC | GSE | Security Expert | General Cyber Security | 4 years[17] | N/A |
GSEC | Security Essentials | General Cyber Security | 4 years[17] | N/A | |
GCIA | Certified Intrusion Analyst | Security Analysis | 4 years[17] | N/A | |
GISF | GIAC Information Security Fundamentals | General Cyber Security | 4 years[17] | N/A | |
GCED | Certified Enterprise Defender | Cyber Defense | 4 years[17] | N/A | |
GCWN | Certified Windows Security Administrator | IT-Administration | 4 years[17] | N/A | |
GPPA | Certified Perimeter Protection Analyst | Firewalls | N/A | ||
GMON | Continuous Monitoring Certification | Threat Intelligence | 4 years[17] | N/A | |
GCCC | Critical Controls Certification | Cyber Defense | 4 years[17] | N/A | |
GDSA | Defensible Security Architecture | Security Architecture | 4 years[17] | N/A | |
GCUX | Certified UNIX Security Administrator | IT-Administration | 4 years[17] | N/A | |
GCDA | Certified Detection Analyst | Threat Intelligence | 4 years[17] | N/A | |
GDAT | Defending Advanced Threats | Cyber Defense | 4 years[17] | N/A | |
GCIH | Certified Incident Handler | Incident Response | 4 years[17] | N/A | |
GPEN | Penetration Tester | Penetration Testing | 4 years[17] | N/A | |
GWAPT | Web Application Penetration Tester | Penetration Testing | 4 years[17] | N/A | |
GXPN | Exploit Researcher and Advanced Penetration Tester | Penetration Testing | 4 years[17] | N/A | |
GMOB | Mobile Device Security Analyst | Security Analysis | 4 years[17] | N/A | |
GAWN | Assessing and Auditing Wireless Networks | Wireless Security | 4 years[17] | N/A | |
GPYC | Python Coder | Software Development | 4 years[17] | N/A | |
GCFA | Certified Forensic Analyst | Forensics | 4 years[17] | N/A | |
GCFE | Certified Forensic Examiner | Forensics | 4 years[17] | N/A | |
GREM | Reverse Engineering Malware | Malware Analysis | 4 years[17] | N/A | |
GNFA | Network Forensic Analyst | Forensics | 4 years[17] | N/A | |
GCTI | Cyber Threat Intelligence | Threat Intelligence | 4 years[17] | N/A | |
GASF | Advanced Smartphone Forensics | Forensics | 4 years[17] | N/A | |
GSLC | Security Leadership | Management | 4 years[17] | N/A | |
GSNA | Systems and Network Auditor | Auditing | 4 years[17] | N/A | |
GISP | Information Security Professional | General Cyber Security | N/A | ||
GLEG | Law of Data Security & Investigations | Forensics | 4 years[17] | N/A | |
GCPM | Certified Project Manager | Management | 4 years[17] | N/A | |
GSTRT | Strategic Planning, Policy, and Leadership | Management | 4 years[17] | N/A | |
GSSP-JAVA | Secure Software Programmer-Java | Software Development | 4 years[17] | N/A | |
GSSP-.NET | Secure Software Programmer- .NET | Software Development | 4 years[17] | N/A | |
GWEB | Certified Web Application Defender | Software Development | 4 years[17] | N/A | |
GICSP | Global Industrial Cyber Security Professional | Critical Infrastructure Security | 4 years[17] | N/A | |
GRID | Response and Industrial Defense | Critical Infrastructure Security | 4 years[17] | N/A | |
GCIP | Critical Infrastructure Protection | Critical Infrastructure Security | 4 years[17] | N/A | |
GEVA | Enterprise Vulnerability Assessor | Vulnerability Management | 4 years[17] | N/A | |
GOSI | Open Source Intelligence | Threat Intelligence | 4 years[17] | N/A | |
GBFA | Battlefield Forensics and Acquisition | Forensics | 4 years[17] | N/A | |
GCSA | Cloud Security Automation | Cloud Security | 4 years[17] | N/A | |
GFCT | Foundational Cybersecurity Technologies | Cyber Security | 4 years[17] | N/A | |
GSOC | Security Operations Certified | Security Operations | 4 years[17] | N/A | |
GPCS | Public Cloud Security | Cloud Security | 4 years[17] | N/A | |
CyberDefenders | CCD | Certified CyberDefender | CyberDefense / BlueTeam | No expiration | N/A |
EC-Council | CSCU | EC-Council Certified Secure Computer User | Security Awareness | No expiration | N/A |
CND | EC-Council Certified Network Defender | Network Security | 3 years[18] | N/A | |
CEH | EC-Council Certified Ethical Hacker | Penetration Testing | 3 years[18] | N/A | |
CEH-Practical (Master) | EC-Council Certified Ethical Hacker Practical (Master) | Penetration Testing | 3 years[18] | N/A | |
ECSA | EC-Council Certified Security Analyst | Penetration Testing | 3 years[18] | N/A | |
ECSA-Master (Practical) | EC-Council Certified Security Analyst (Practical) | Penetration Testing | 3 years[18] | N/A | |
LPT-Master (Practical) | EC-Council Licensed Penetration Tester (Master) | Penetration Testing | 1 year[Notes 3][19] | N/A | |
E|ISM | EC-Council Information Security Manager | Management | 3 years[18] | N/A | |
CCISO | EC-Council Certified Chief Information Security Officer | Management | 1 year[20] | N/A | |
ECIH | EC-Council Certified Incident Handler | Incident Response | 3 years[18] | N/A | |
CHFI | EC-Council Computer Hacking Forensic Investigator | Forensics | 3 years[18] | N/A | |
EDRP | EC-Council Disaster Recovery Professional | Disaster Recovery | 3 years[18] | N/A | |
ECES | EC-Council Certified Encryption Specialist | Encryption | 3 years[18] | N/A | |
CASE Java | EC-Council Certified Application Security Engineer Java | Software Development | 3 years[18] | N/A | |
CASE .Net | EC-Council Certified Application Security Engineer .Net | Software Development | 3 years[18] | N/A | |
CTIA | EC-Council Certified Threat Intelligence Analyst | Threat Intelligence | 3 years[18] | N/A | |
CSA | EC-Council Certified SOC Analyst | Security Analysis | 3 years[18] | N/A | |
ECSS | EC-Council Certified Security Specialist | General Cyber Security | 3 years[18] | N/A | |
CCSE | EC-Council Cloud Security Engineer | Cloud Security | 3 years[18] | N/ | |
OffSec | OSCP | OffSec Certified Professional | Penetration Testing | No expiration | N/A |
OSWP | OffSec Wireless Professional | Penetration Testing | No expiration | N/A | |
OSWA | OffSec Web Assessor | Penetration Testing | No expiration | N/A | |
OSEP | OffSec Experienced Penetration Tester | Penetration Testing | No expiration | N/A | |
OSED | OffSec Security Exploit Developer | Exploit Development | No expiration | N/A | |
OSWE | OffSec Web Expert | Penetration Testing | No expiration | N/A | |
OSCE3 | OffSec Certified Expert3 | Penetration Testing | No expiration | N/A | |
OSEE | OffSec Exploitation Expert | Exploit Development | No expiration | N/A | |
OSDA | OffSec Defensive Analyst | Security Operations | No expiration | N/A | |
OSMR | OffSec macOS Researcher | Exploit Development | No expiration | N/A | |
EITCI | EITCA/IS | EITCA Information Technologies Security Academy | General Cyber Security | No expiration | N/A |
CSA | CCSK | CSA Certificate of Cloud Security Knowledge | Cloud Security | No expiration | N/A |
Cloud Credential Council | PCSM | CCC Professional Cloud Security Manager | Cloud Security | No expiration | N/A |
IAPP | CIPP | Certified Information Privacy Professional | Privacy | 2 years | 50,000 Total |
CIPM | Certified Information Privacy Manager | Privacy | 2 years | ||
CIPT | Certified Information Privacy Technologist | Privacy | 2 years | ||
INE Security | eJPT | eLearnSecurity Certified Junior Penetration Tester | Penetration Testing | No expiration | N/A |
eCPPT | eLearnSecurity Certified Professional Penetration Tester | Penetration Testing | No expiration | N/A | |
eWPT | eLearnSecurity Web Application Penetration Tester | Penetration Testing | No expiration | N/A | |
eMAPT | eLearnSecurity Mobile Application Penetration Tester | Penetration Testing | No expiration | N/A | |
eCPTX | eLearnSecurity Certified Penetration Tester eXtreme | Penetration Testing | No expiration | N/A | |
eCIR | eLearnSecurity Certified Incident Response Professional | Incident Response | No expiration | N/A | |
eCXD | eLearnSecurity Exploit Development | Penetration Testing | No expiration | N/A | |
eNDP | eLearnSecurity Network Defense Professional | Network Security | No expiration | N/A | |
eCRE | eLearnSecurity Certified Reverse Engineer | Malware Analysis | No expiration | N/A | |
eCTHP | eLearnSecurity Certified Threat Hunting Professional | Threat Hunting | No expiration | N/A | |
eCMAP | eLearnSecurity Certified Malware Analysis Professional | Malware Analysis | No expiration | N/A | |
eWDP | eLearnSecurity Web Defense Professional | Web Defense | No expiration | N/A | |
eCDFP | eLearnSecurity Certified Digital Forensics Professional | Digital Forensics | No expiration | N/A | |
CREST | CPSA | CREST Practitioner Security Analyst | Penetration Testing | 3 Years | N/A |
CRT | CREST Registered Penetration Tester | Penetration Testing | 3 Years | N/A | |
CCT App | CREST Certified Web Application Tester | Penetration Testing | 3 Years | N/A | |
CCT Inf | CREST Certified Infrastructure Tester | Penetration Testing | 3 Years | N/A | |
CCSAS | CREST Certified Simulated Attack Specialist | Attack Simulation | 3 Years | N/A | |
CCSAM | CREST Certified Simulated Attack Manager | Attack Simulation | 3 Years | N/A | |
CCWS | CREST Certified Wireless Specialist | Wireless security | 3 Years | N/A | |
CPTIA | CREST Practitioner Threat Intelligence Analyst | Threat Intelligence | 3 Years | N/A | |
CRTIA | CREST Registered Threat Intelligence Analyst | Threat Intelligence | 3 Years | N/A | |
CCTIM | CREST Certified Threat Intelligence Manager | Threat Intelligence | 3 Years | N/A | |
CPIA | CREST Practitioner Intrusion Analyst | Security Analysis | 3 Years | N/A | |
CRIA | CREST Registered Intrusion Analyst | Security Analysis | 3 Years | N/A | |
CCNIA | CREST Certified Network Intrusion Analyst | Security Analysis | 3 Years | N/A | |
CCHIA | CREST Certified Host Intrusion Analyst | Security Analysis | 3 Years | N/A | |
CCMRE | CREST Certified Malware Reverse Engineer | Malware Analysis | 3 Years | N/A | |
CCIM | CREST Certified Incident Manager | Incident Response | 3 Years | N/A | |
CRTSA | CREST Registered Technical Security Architect | Security Architecture | 3 Years | N/A | |
InfoSec Institute | CCFE | Certified Computer Forensics Examiner | Forensics | 4 years | N/A |
CCTHP | Certified Cyber Threat Hunting Professional | Threat Hunting | 4 years | N/A | |
CDRP | Certified Data Recovery Professional | Disaster Recovery | 4 years | N/A | |
CEPT | Certified Expert Penetration Tester | Penetration Testing | 4 years | N/A | |
CEREA | Certified Expert Reverse Engineering Analyst | Malware Analysis | 4 years | N/A | |
CMWAPT | Certified Mobile and Web Application Penetration Tester | Penetration Testing | 4 years | N/A | |
CMFE | Certified Mobile Forensics Examiner | Forensics | 4 years | N/A | |
CPT | Certified Penetration Tester | Penetration Testing | 4 years | N/A | |
CRTOP | Certified Red Team Operations Professional | Red Teaming | 4 years | N/A | |
CREA | Certified Reverse Engineering Analyst | Malware Analysis | 4 years | N/A | |
CSSA | Certified SCADA Security Architect | Critical Infrastructure Security | 4 years | N/A | |
CSAP | Certified Security Awareness Practitioner | Security Awareness | 4 years | N/A | |
Cyber Struggle | CSAE | Cyber Struggle Aegis | Security Analysis | N/A | N/A |
CSR | Cyber Struggle Ranger | Red Teaming | N/A | N/A | |
CSTPO | Cyber Struggle Tactical Pistol Operator | Tactical fire gun shooting | N/A | N/A | |
Linux Professional Institute (LPI) | SecE | Linux Professional Institute Security Essentials | General Cyber Security | No expiration[21] | N/A |
LPIC-3 Security | Linux Professional Institute LPIC-3 Security | IT-Administration | 5 years[22] | N/A | |
Mile2 | C)SA1 | Certified Security Awareness 1 | Security Awareness | 3 Years | N/A |
C)SA2 | Certified Security Awareness 2 | Security Awareness | 3 Years | N/A | |
C)SP | Certified Security Principles | General Cyber Security | 3 Years | N/A | |
C)ISSO | Certified Information Systems Security Officer | Management | 3 Years | N/A | |
IS20 | Information Security 20 Security Controls | General Cyber Security | 3 Years | N/A | |
C)SLO | Certified Security Leadership Officer | Management | 3 Years | N/A | |
C)VA | Certified Vulnerability Assessor | Vulnerability Management | 3 Years | N/A | |
C)PEH | Certified Professional Ethical Hacker | Penetration Testing | 3 Years | N/A | |
C)PTE | Certified Penetration Tester | Penetration Testing | 3 Years | N/A | |
C)PTC | Certified Penetration Testing Consultant | Penetration Testing | 3 Years | N/A | |
C)PSH | Certified PowerShell Hacker | Scripting | 3 Years | N/A | |
C)IHE | Certified Incident Handling Engineer | Incident Response | 3 Years | N/A | |
C)DFE | Certified Digital Forensic Examiner | Forensics | 3 Years | N/A | |
C)VFE | Certified Virtualization Forensics Engineer | Forensics | 3 Years | N/A | |
C)NFE | Certified Network Forensics Examiner | Forensics | 3 Years | N/A | |
C)DRE | Certified Disaster Recovery Engineer | Disaster Recovery | 3 Years | N/A | |
C)HISSP | Certified Healthcare Information Systems Security Professional | Healthcare | 3 Years | N/A | |
C)ISMS-LA | Certified Information Security Management Systems Lead Auditor | Auditing | 3 Years | N/A | |
C)ISMS-LI | Certified Information Security Management Systems Lead Implementer | Risk Management | 3 Years | N/A | |
C)ISSA | Certified Information Security Systems Auditor | Auditing | 3 Years | N/A | |
C)SWAE | Certified Secure Web Application Engineer | Application Security | 3 Years | N/A | |
C)VCP | Certified Virtualization Principles | Virtualization | 3 Years | N/A | |
C)VE | Certified Virtualization Engineer | Virtualization | 3 Years | N/A | |
C)CSO | Certified Cloud Security Officer | Cloud Security | 3 Years | N/A | |
C)VSE | Certified Virtualization Systems Engineer | Virtualization | 3 Years | N/A | |
C)ISSM | Certified Information Systems Security Manager | Management | 3 Years | N/A | |
C)ISRM | Certified Information Systems Risk Manager | Risk Management | 3 Years | N/A | |
ISCAP | Information Systems Certification & Accreditation Professional | Auditing | 3 Years | N/A | |
C)SWAE | Certified Secure Web Application Engineer | Web Security | 3 Years | N/A | |
C)ISS | Certified IPv6 Security Specialist | Network Security | 3 Years | N/A | |
C)CSA | Certified Cybersecurity Analyst | Security Analysis | 3 Years | N/A | |
C)CTA | Certified Cyber Threat Analyst | Security Analysis | 3 Years | N/A | |
C)CTIA | Certified Cyber Threat Intelligence Analyst | Threat Intelligence | 3 Years | N/A | |
ASIS International | CPP | Certified Protection Professional | Management | 3 Years | N/A |
APP | Associate Protection Professional | Management | 3 Years | N/A | |
PCI | Professional Certified Investigator | Forensics | 3 Years | N/A | |
PSP | Physical Security Professional | Physical Security | 3 Years | N/A | |
SABSA | SABSA-SCF | SABSA Chartered Security Architect – Foundation Certificate | Security Architecture | 3 Years | N/A |
SABSA-SCP | SABSA Chartered Security Architect – Practitioner Certificate | Security Architecture | 3 Years | N/A | |
SABSA-SCM | SABSA Chartered Security Architect – Master Certificate | Security Architecture | 3 Years | N/A | |
APMG International | ISO/IEC 27001-F | ISO/IEC 27001 Foundation | Standards | No expiration | N/A |
ISO/IEC 27001-P ISO | ISO/IEC 27001 Practitioner - Information Security Officer | Standards | No expiration | N/A | |
NCSP-F | NIST Cyber Security Professional Foundation | Standards | No expiration | N/A | |
NCSP-P | NIST Cyber Security Professional Practiioner | Standards | No expiration | N/A | |
EXIN | PDP-E | EXIN Privacy & Data Protection Essentials | Privacy | No expiration | N/A |
PDP-F | EXIN Privacy & Data Protection Foundation | Privacy | No expiration | N/A | |
PDP-P | EXIN Privacy and Data Protection Practitioner | Privacy | No expiration | N/A | |
CIT-F | EXIN Cyber & IT Security Foundation | General Cyber Security | No expiration | N/A | |
CEF | EXIN Ethical Hacking Foundation | Penetration Testing | No expiration | N/A | |
ISO/IEC 27001-F | EXIN Information Security Management ISO27001 Foundation | Standards | No expiration | N/A | |
ISO/IEC 27001-P | EXIN Information Security Management ISO27001 Professional | Standards | No expiration | N/A | |
ISO/IEC 27001-E | EXIN Information Security Management ISO27001 Expert | Standards | No expiration | N/A | |
SP-F | EXIN Secure Programming Foundation | Software Development | No expiration | N/A | |
IBITGQ | EU GDPR F | Certified EU General Data Protection Regulation Foundation | Standards | No expiration | N/A |
EU GDPR P | Certified EU General Data Protection Regulation Practitioner | Standards | No expiration | N/A | |
C-DPO | Certified Data Protection Officer | Privacy | No expiration | N/A | |
C BS PIMS LI | Certified BS 10012 PIMS Lead Implementer | Standards | No expiration | N/A | |
CCPA F | California Consumer Privacy Act Foundation | Privacy | No expiration | N/A | |
C IDP F | Certified Introduction to Data Protection | Privacy | No expiration | N/A | |
CIS F | Certified ISO 27001 ISMS Foundation | Standards | No expiration | N/A | |
CIS LI | Certified ISO 27001 ISMS Lead Implementer | Standards | No expiration | N/A | |
CIS LA | Certified ISO 27001 ISMS Lead Auditor | Standards | No expiration | N/A | |
CIS IA | Certified ISO 27001 ISMS Internal Auditor | Standards | No expiration | N/A | |
CISRM | Certified ISO 27005 ISMS Risk Management | Standards | No expiration | N/A | |
PCI IM | PCI DSS Implementation | Standards | No expiration | N/A | |
CCRMP | Managing Cyber Security Risk | Management | No expiration | N/A | |
CIRM F | Cyber Incident Response Management Foundation | Incident Response | No expiration | N/A | |
C CR P | Certified Cyber Resilience Practitioner | Management | No expiration | N/A | |
CITGP | Implementing IT Governance – Foundation & Principles | Management | No expiration | N/A | |
C CS F | Certified Cyber Security Foundation | General Cyber Security | No expiration | N/A | |
CertNexus | CFR | CyberSec First Responder | Incident Response | 3 Years | N/A |
CIOTSP | Certified IoT Security Practitioner (CIoTSP) | IoT | 3 Years | N/A | |
IRBIZ | Incident Response for Business Professionals | Incident Response | 3 Years | N/A | |
CSC | Cyber Secure Coder | Software Development | 3 Years | N/A | |
CYBERSAFE | CyberSAFE | End user security | 1 Year | N/A | |
Lunarline | CEHT | Certified Expert Hunt Team | Threat Hunting | 3 Years | N/A |
CECS | Certified Expert Cloud Security | Cloud Security | 3 Years | N/A | |
CEIA | Certified Expert Independent Assessor | Auditing | 3 Years | N/A | |
CEPM | Certified Expert Program Manager | Management | 3 Years | N/A | |
CERP | Certified Expert RMF Professional | Management | 3 Years | N/A | |
CESA | Certified Expert Security Analyst | Security Analysis | 3 Years | N/A | |
McAfee Institute | CECI | Certified Expert in Cyber Investigations | Forensics | 2 Years | N/A |
CCII | Certified Cyber Intelligence Investigator | Threat Intelligence | 2 Years | N/A | |
CCIP | Certified Cyber Intelligence Professional | Threat Intelligence | 2 Years | N/A | |
CSMIE | Certified Social Media Intelligence Expert | Threat Intelligence | 2 Years | N/A | |
SMIA | Certified Social Media Intelligence Analyst | Threat Intelligence | 2 Years | N/A | |
CCTA | Certified Counterintelligence Threat Analyst | Threat Intelligence | 2 Years | N/A | |
CPCI | Certified Professional Criminal Investigator | Forensics | 2 Years | N/A | |
CORCI | Certified Organized Retail Crime Investigator | Forensics | 2 Years | N/A | |
CEL | Certified Executive Leader | Management | 2 Years | N/A | |
CHTI | Certified Human Trafficking Investigator | Forensics | 2 Years | N/A | |
CCFI | Certified Cryptocurrency Forensic Investigator | Forensics | 2 Years | N/A | |
WVTS | Certified Workplace violence and threat specialist | Forensics | 2 Years | N/A | |
C|OSINT | Certified in Open Source Intelligence | Threat Intelligence | 2 Years | N/A | |
The IIA | CIA | Certified Internal Auditor | Auditing | 160,000+ | |
CRMA | Certification in Risk Management Assurance | Risk Management | N/A | ||
QIAL | Qualification in Internal Audit Leadership | Auditing | N/A | ||
GAQM | CSST | Certified Software Security Tester | Software Development | No Expiration | N/A |
CASST | Certified Advanced Software Security Tester | Software Development | No Expiration | N/A | |
CISP | Certified Information Security Professional | General Cyber Security | 5 Years | N/A | |
CISSM | Certified Information Systems Security Manager | Management | 5 Years | N/A | |
CISST | Certified Information Systems Security Tester | Security Testing | No Expiration | N/A | |
CPT | Certified Penetration Tester | Penetration Tester | No Expiration | N/A | |
CFA | Certified Forensic Analyst | Forensics | No Expiration | N/A | |
CPEH | Certified Professional Ethical Hacker | Penetration Tester | No Expiration | N/A | |
ISO/IEC 27001-CIA | ISO 27001 ISMS Certified Internal Auditor | Auditing | No Expiration | N/A | |
ISO/IEC 27001-27002-LA | ISO 27001-27002 Lead Auditor | Auditing | No Expiration | N/A | |
ISO/IEC 27001-LA | ISO 27001:2013 ISMS Certified Lead Auditor | Auditing | No Expiration | N/A | |
ISO/IEC 27001-F | ISO 27001:2013 ISMS Foundation | Standards | No Expiration | N/A | |
ISO/IEC 27002-F | ISO 27002 Foundation | Standards | No Expiration | N/A | |
ISO/IEC 27002-LI | ISO 27002 Lead Implementer | Standards | 4 Years | N/A | |
ISO/IEC 31000-LRM | ISO 31000 Certified Lead Risk Manager | Standards | No Expiration | N/A | |
ISECOM | OPSA | OSSTMM Professional Security Analyst | Security Analyst | No Expiration | N/A |
OPST | OSSTMM Professional Security Tester | Penetration Tester | No Expiration | N/A | |
OPSE | OSSTMM Professional Security Expert | General Cyber Security | No Expiration | N/A | |
OWSE | OSSTMM Wireless Security Expert | Penetration Tester | No Expiration | N/A | |
CTA | OSSTMM Certified Trust Analyst | Trust Management | No Expiration | N/A | |
SAI | Certified Security Awareness Instructor | Cyber Security Trainer | No Expiration | N/A | |
CHA | Certified Hacker Analyst | Penetration Tester | No Expiration | N/A | |
CHAT | Certified Hacker Analyst Trainer | Cyber Security Trainer | No Expiration | N/A | |
HISPI | HISP | Holistic Information Security Practitioner | General Cyber Security | 3 Years | N/A |
Blockchain Training Alliance | CBSP | Certified Blockchain Security Professional | Blockchain | 2 Years | N/A |
Crypto Consortium | CCSSA | CryptoCurrency Security Standard Auditor | Blockchain | - | N/A |
The Open Group | OG0-041 | Open FAIR Foundation | Risk Management | - | N/A |
TOGAF9-F | TOGAF 9 Foundation | Security Architecture | - | N/A | |
TOGAF9-C | TOGAF 9 Certified | Security Architecture | - | N/A | |
TCM Security | PNPT | Practical Network Penetration Tester | Penetration Tester | No Expiration | N/A |
PCRP | Practical Career-Ready Professional | Penetration Tester | 3 years | N/A | |
PJMR | Practical Junior Malware Researcher | Malware Analysis | No Expiration | N/A | |
Star Certification | SCSU | Star Cyber Secure User | Security Awareness | 3 years[23] | N/A |
EHE | Star Certified Ethical Hacking Expert | Penetration Testing | 3 years[24] | N/A | |
SESS | Star Expert Security Specialist | Penetration Testing | 3 years[25] | N/A | |
SMFAS | Star Mobile Forensic and Advance Security | Forensics | 3 years[26] | N/A | |
SPTE | Star Penetration Tester Experts [27] | Penetration Testing | 3 years[28] | N/A | |
SSCA | Star Secure Cyber Analytics | Penetration Testing | 3 years[29] | N/A | |
SFICH-007 | Star Forensic investigator in Computer Hacking-007 | Forensics | 3 years[30] | N/A | |
SSPE.Net | Star Secure Programmer Expert- .Net | Software Development | 3 years[31] | N/A | |
SSPE-Java | Star Secure Programmer Expert- Java | Software Development | 3 years[32] | N/A | |
SSPE-Android | Star Secure Programmer Expert- Android | Software Development | 3 years[33] | N/A | |
SSPE-PHP | Star Secure Programmer Expert- PHP | Software Development | 3 years[34] | N/A | |
Zero-Point Security | CRTO | Certified Red Team Operator | Red Teaming | N/A | N/A |
CRTL | Certified Red Team Lead | Red Teaming | N/A | N/A | |
EC First | CCSA | Certified Cyber Security Architect | Security Architecture | 3 years | N/A |
CSCS | Certified Security Compliance Specialist | Risk/Compliance | 3 years | N/A | |
CMMP | Certified CMMC Professional | Standards | 3 years | N/A | |
CWNP | CWS | Certified Wireless Specialist | Wireless Security | 3 years | N/A |
Vendor-specific[Notes 2]
Issuing Organization | Credential Abbreviation | Certification Title | Focus | Validity duration | Number issued |
---|---|---|---|---|---|
Cisco | CCNA Security | Cisco Certified Network Associate - Security | Network Security | ||
CCNP Security | Cisco Certified Network Professional - Security | Network Security | |||
CCIE Security | Cisco Certified Internetwork Expert - Security | Network Security | 2062[35] | ||
CCNA CyberOps | Cisco Certified Network Associate - CyberOps | Network Security | |||
Check Point | CCSA | Check Point Certified Security Administrator | Network Security | ||
CCSE | Check Point Certified Security Expert | Network Security | |||
Kali | KLCP | Kali Linux Certified Professional | Penetration Testing | No expiration | N/A |
IBM | - | IBM Certified Deployment Professional - Security Access Manager V9.0 | Access Control | ||
- | IBM Certified Associate Administrator - Security Guardium Data Protection V10.1.2 | Data Protection | |||
- | IBM Certified Administrator - Security Guardium V10.0 | Data Protection | |||
- | IBM Certified Deployment Professional - Identity Governance and Intelligence V5.2 | Access Control | |||
- | IBM Certified Analyst - i2 Analysts Notebook V9 | Threat Intelligence | |||
- | IBM Certified SOC Analyst - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
- | IBM Certified Associate Analyst - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
- | IBM Certified Associate Administrator - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
- | IBM Certified Deployment Professional - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
- | IBM Certified Deployment Professional - Security Identity Governance and Intelligence V5.2.5 | Access Control | |||
Microsoft | AZ-500 | Microsoft Certified: Azure Security Engineer Associate | Cloud Security | 1 year * | |
MS-500 | Microsoft 365 Certified: Security Administrator Associate | Cloud Security | 1 year * | ||
SC-100 | Microsoft Certified: Cybersecurity Architect Expert | Security Architect | 1 year * | ||
SC-200 | Microsoft Certified: Security Operations Analyst Associate | SIEM | 1 year * | ||
SC-300 | Microsoft Certified: Identity and Access Administrator Associate | IAM | 1 year * | ||
SC-400 | Microsoft Information Protection Administrator | Risk/Compliance | 1 year * | ||
SC-900 | Microsoft Certified: Security, Compliance, and Identity Fundamentals | Fundamentals | |||
AWS | - | AWS Certified Security - Specialty | Cloud Security | ||
- | Google Professional Cloud Security Engineer | Cloud Security | |||
Jamf | JCESA | Jamf Certified Endpoint Security Admin | macOS Security | ||
Alibaba | ACA | ACA Cloud Security Certification | Cloud Security | ||
ACP | ACP Cloud Security Certification | Cloud Security | |||
ACE | ACE Cloud Security Expert | Cloud Security | |||
Redhat | EX415 | Red Hat Certified Specialist in Security: Linux | IT-Administration | ||
EX425 | Red Hat Certified Specialist in Security: Containers and OpenShift Container | IT-Administration | |||
OpenText | EnCE | EnCase Certified Examiner | Forensics | ||
EnCEP | EnCase Certified eDiscovery Practitioner | Forensics | |||
CFSR | EnCase Certified Forensic Security Responder | Forensics | |||
Fortinet[36] | NSE 1/2/3 | Network Security Professional Associate | vendor-specific products | 2 years[36] | |
NSE 4 | Network Security Professional | firewalls | 2 years[36] | ||
NSE 5 | Network Security Analyst | administration | 2 years[36] | ||
NSE 6 | Network Security Specialist | vendor-specific products | 2 years[36] | ||
NSE 7 | Network Security Architect | firewalls | 2 years[36] | ||
NSE 8 | Network Security Expert | firewalls | 2 years | ||
Juniper | JNCIA-SEC | Juniper Networks Certified Associate | Network Security | 3 years | |
JNCIS-SEC | Juniper Networks Certified Specialist | Network Security | 3 years | ||
JNCIP-SEC | Juniper Networks Certified Professional | Network Security | 3 years | ||
JNCIE-SEC | Juniper Networks Certified Expert | Network Security | 3 years | ||
JNCDS-SEC | Juniper Networks Certified Design Specialist Security | Network Security | 3 years | ||
Palo Alto | PCNSA | Palo Alto Networks Certified Network Security Administrator | Network Security | ||
PCNSE | Palo Alto Networks Certified Network Security Engineer | Network Security | |||
PCCET | Palo Alto Networks Certified Cybersecurity Entry-level Technician | General Cyber Security | |||
PCDRA | Palo Alto Networks Certified Detection and Remediation Analyst | Network Security | |||
PCCSE | Palo Alto Networks Prisma Certified Cloud Security Engineer | Cloud Security | |||
PCSAE | Palo Alto Networks Certified Security Automation Engineer | Threat Intelligence | |||
Symantec, (since 2015 NortonLifeLock) | 250-215 | Administration of Symantec Messaging Gateway 10.6 | Network Security | ||
250-420 | Administration of Symantec VIP (March 2017) | Network Security | |||
250-426 | Administration of Symantec Data Center Security - Server Advanced 6.7 | Network Security | |||
250-428 | Administration of Symantec Endpoint Protection 14 | Network Security | |||
250-430 | Administration of Blue Coat ProxySG 6.6 | Network Security | |||
250-433 | Administration of Blue Coat Security Analytics 7.2 | Network Security | |||
250-438 | Administration of Symantec Data Loss Prevention 15* | Network Security | |||
250-440 | Administration of Symantec PacketShaper 11.9.1* | Network Security | |||
250-441 | Administration of Symantec Advanced Threat Protection 3.0* | Network Security | |||
251/250-443 | Administration of Symantec CloudSOC - R2* | Network Security | |||
250-444 | Administration of Symantec Secure Sockets Layer Visibility 5.0* | Network Security | |||
250-445 | Administration of Symantec Email Security.cloud - v1* | Network Security | |||
251/250-446 | Administration of Symantec Web Security Service (WSS) - R1* | Network Security | |||
251/250-447 | Administration of Symantec Client Management Suite 8.5* | Network Security | |||
251/250-551 | Administration of Symantec Endpoint Detection and Response 4.1* | Network Security | |||
250-556 | Administration of Symantec ProxySG 6.7* | Network Security |
Microsoft 1 year * : you have to do a free refresh exam within 180 days before expiration. if not done, the certificate expire otherwise it extends by 1 year.
See also
Notes
- ↑ This article is about the certification and credentialing of individuals. It does not include certification of organizations or classified computer systems by authorizing, accrediting, and approval bodies and authorities as meeting a prescribed set of safeguards.
- 1 2 In this chart, colors are used to help group certifications from the same issuer together and have no other significance.
- ↑ First validation period after exam is 2 years.
References
- ↑ "Data Protection Foundation". SECO-Institute. Retrieved 2021-08-14.
- ↑ "Data Protection Practitioner". SECO-Institute. Retrieved 2021-08-14.
- ↑ "Certified Information Systems Security Professional (CISSP) - GoCertify". www.gocertify.com. Retrieved 2018-07-24.
- ↑ "Member Counts | How Many (ISC)2 Members Are There Per Certification | (ISC)2". www.isc2.org. Retrieved 2018-07-24.
- 1 2 3 "IT Security Architect, Engineer, and Management Certifications | CISSP Concentrations | (ISC)²". www.isc2.org. Retrieved 2018-07-24.
- 1 2 3 4 5 6 7 "Member Counts | How Many (ISC)² Members Are There Per Certification | (ISC)²". www.isc2.org. Retrieved 2018-07-24.
- ↑ "IT Security Certification | SSCP - Systems Security Certified Practitioner | (ISC)2". www.isc2.org. Retrieved 2018-07-24.
- ↑ "Cloud Security Certifications: CCSK vs CCSP – Confidis". www.confidis.co. 30 April 2015. Retrieved 2018-07-24.
- ↑ "Security Authorization Certification | CAP - Certified Authorization Professional | (ISC)2". www.isc2.org. Retrieved 2018-07-24.
- ↑ "Software Security Certification | CSSLP - Certified Secure Software Lifecycle Professional | (ISC)2". www.isc2.org. Retrieved 2018-07-24.
- ↑ "CompTIA Security+ Certification". Retrieved 2021-09-08.
- ↑ "CompTIA Security+ Certification". certification.comptia.org. Retrieved 2018-07-24.
- ↑ "CompTIA (CySA+) Cybersecurity Analyst+ Certification | CompTIA IT Certifications". certification.comptia.org. Retrieved 2018-07-24.
- ↑ "CompTIA Pentest+ Certification | CompTIA IT Certifications". certification.comptia.org. Retrieved 2018-07-24.
- ↑ "(CASP) Advanced Security Practitioner Certification | CompTIA IT Certifications". certification.comptia.org. Retrieved 2018-07-24.
- 1 2 3 4 "ISACA Certifications by Region". www.isaca.org. Retrieved 2019-11-08.
- 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 "How to Renew Your GIAC Security Certification". www.giac.org. Retrieved 2021-04-09.
- 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 "ECE Policy". cert.eccouncil.org. Retrieved 2018-07-24.
- ↑ "Application Process Eligibility". cert.eccouncil.org. Retrieved 2018-07-24.
- ↑ "CISO FAQ - EC-Council". EC-Council. Retrieved 2018-07-24.
- ↑ "Linux Professional Institute Security Essentials". lpi.org. Retrieved 2023-09-06.
- ↑ "Linux Professional Institute LPIC-3 Security". lpi.org. Retrieved 2023-09-06.
- ↑ "(SCSU) Star Cyber Secure User | Star Certifications". Retrieved 2021-08-30.
- ↑ "(EHE) Star Certified Ethical Hacking Expert | Star Certifications". Retrieved 2021-08-30.
- ↑ "(SESS) Star Expert Security Specialist | Star Certifications". Retrieved 2021-08-30.
- ↑ "(SMFAS) Star Mobile Forensic and Advance Security | Star Certifications". Retrieved 2021-08-30.
- ↑ "PenTest Certification". Retrieved 2021-09-08.
- ↑ "(SPTE) Star Penetration Tester Experts | Star Certifications". Retrieved 2021-08-30.
- ↑ "(SSCA) Star Secure Cyber Analytics | Star Certifications". Retrieved 2021-08-30.
- ↑ "(SFICH-007) Star Forensic investigator in Computer Hacking-007 | Star Certifications". Retrieved 2021-08-30.
- ↑ "(SSPE.Net) Star Secure Programmer Expert- .Net | Star Certifications". Retrieved 2021-08-30.
- ↑ "(SSPE-Java) Star Secure Programmer Expert- Java | Star Certifications". Retrieved 2021-08-30.
- ↑ "(Android) Star Secure Programmer Expert- Android | Star Certifications". Retrieved 2021-08-30.
- ↑ "(SSPE-PHP) Star Secure Programmer Expert- PHP | Star Certifications". Retrieved 2021-08-30.
- ↑ "CCIE Hall of Fame [Statistics]". www.cciehof.com.
- 1 2 3 4 5 6 "Network Security Expert". NSE Institute. Fortinet – via egnyte.com.