EBCertMap — Cybersecurity Certification Navigator

Browse 426+ cybersecurity certifications across 15 domains. Map certs to skills, explore role-based career paths, and find your next cert.

This site requires JavaScript for full interactive features. The catalog below is a static fallback for accessibility and search indexing.

Offensive Security (104 certs)

Penetration testing, exploit development, red teaming, and adversarial simulation across networks, applications, and systems.

OSCP — OffSec Certified Professional
OffSec · intermediate · 100% practical · $1749 — official
The gold standard penetration testing credential globally and the benchmark for offensive security hiring. The 24-hour live lab exam genuinely proves exploitation ability rather than knowledge of techniques. Expected by …
GPEN — GIAC Penetration Tester
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's penetration testing certification and the primary DoD 8140 approved option for pentesters in government and contractor roles. The CyberLive hands-on component adds practical weight but the exam is still predominan…
GX-PT — GIAC Experienced Penetration Tester
GIAC / SANS Institute · expert · 100% practical · $1299 — official
GIAC's new Applied Knowledge tier certification for penetration testing — 100% CyberLive hands-on exam with no multiple-choice component whatsoever. This is a significant departure from the standard GIAC format and direc…
CPENT AI — Certified Penetration Testing Professional
EC-Council · expert · 100% practical · $450 — official
EC-Council's professional-level penetration testing certification with a 24-hour live cyber range exam that covers network, IoT, OT/SCADA, and cloud environments. Scoring 90% or higher automatically earns the LPT Master …
LPT Master — Licensed Penetration Tester (Master)
EC-Council · elite · 100% practical · $0 — official
EC-Council's elite designation awarded automatically when a CPENT AI candidate scores 90% or higher — no separate exam, no additional cost. Represents the top tier of CPENT performance rather than a distinct certificatio…
CEH — Certified Ethical Hacker (v13)
EC-Council · beginner · 0% practical · $950 — official
EC-Council's flagship certification and one of the most widely held security credentials globally with 350,000+ certified holders. DoD 8140 approved across 28+ DCWF work roles, which is its primary and most defensible va…
CEH Practical — Certified Ethical Hacker (Practical)
EC-Council · intermediate · 100% practical · $550 — official
The practical companion to the CEH knowledge exam — a 6-hour 20-challenge hands-on test that validates actual execution of the concepts covered in CEH. DoD 8140 approved. The hands-on format is a meaningful improvement o…
CEH Master — Certified Ethical Hacker Master
EC-Council · intermediate · 50% practical · $1500 — official
The composite CEH designation earned by passing both the CEH MCQ knowledge exam and the CEH Practical hands-on exam. DoD 8140 approved. Combined cost is approximately $1,500-$1,749 depending on delivery method. The 50% p…
PenTest+ — CompTIA PenTest+
CompTIA · intermediate · 25% practical · $404 — official
CompTIA's penetration testing certification and a DoD 8140 approved option that covers network, web, and cloud pentesting across multiple domains. Performance-based questions add meaningful practical weight but it remain…
HTB CPTS — HTB Certified Penetration Testing Specialist
Hack The Box · intermediate · 100% practical · $210 — official
Hack The Box's flagship network penetration testing certification covering network pentesting, Active Directory attacks, and web application testing in a 100% practical 10-day exam. At approximately $210 as a standalone …
eJPT — eLearnSecurity Junior Penetration Tester
INE Security · beginner · 70% practical · $200 — official
INE Security's entry-level penetration testing certification and one of the most widely recommended starting points for aspiring pentesters. The exam is approximately 85% practical with hands-on lab findings driving the …
eCPPT — eLearnSecurity Certified Professional Penetration Tester
INE Security · intermediate · 100% practical · $249 — official
INE Security's intermediate-level network pentesting certification with a 100% practical exam covering network exploitation, Active Directory attacks, and pivoting. Updated in 2024-2025. Requires INE Premium subscription…
PJPT — Practical Junior Penetration Tester
TCM Security · beginner · 100% practical · $249 — official
TCM Security's entry-level network pentesting certification — 100% practical exam with training included and one free retake. Never expires. At $249 it's accessible for self-funded candidates and represents genuine value…
PNPT — Practical Network Penetration Tester
TCM Security · intermediate · 100% practical · $499 — official
TCM Security's flagship network pentesting certification and the most respected affordable alternative to OSCP in the community. 5-day practical exam with a professional report deliverable reviewed by human graders, foll…
CRT — CREST Registered Penetration Tester
CREST · intermediate · 70% practical · $760 — official
CREST's registered tester certification and the entry point for practitioners wanting to work on CREST-accredited engagements in the UK and Commonwealth markets. Required for NCSC CHECK Team Member status. The hands-on e…
CCT INF — CREST Certified Tester (Infrastructure)
CREST · expert · 70% practical · $4060 — official
CREST's expert infrastructure tester certification required for NCSC CHECK Team Leader status in the UK — mandatory for leading CHECK-scheme penetration testing engagements. Two separate exam parts, each approximately £1…
CPSA — CREST Practitioner Security Analyst
CREST · beginner · 0% practical · $350 — official
CREST's foundational security analyst certification — a 120-question MCQ exam covering penetration testing concepts. Serves as the entry point to the CREST certification pathway before CRT. No practical component, which …
C)PTE — Certified Penetration Testing Engineer
Mile2 · intermediate · 0% practical · $330 — official
Mile2's penetration testing certification with NSA validation for CNSSI-4013 and Navy COOL listing. Full DoD 8140 matrix approval status is unconfirmed. Purely MCQ exam with no practical component — labs are part of trai…
VHL Advanced+ — Virtual Hacking Labs Advanced+ Certificate
Virtual Hacking Labs · intermediate · 100% practical · $99 — official
VHL's lab completion certificate awarded for completing their penetration testing lab environment — not a traditional proctored certification exam. Requires lab machine compromise and documentation rather than a formal p…
OSWA — OffSec Web Assessor
OffSec · intermediate · 100% practical · $1749 — official
OffSec's intermediate web application security certification — a black-box 100% practical exam covering standard web vulnerability exploitation. Positioned as the web equivalent of OSCP in terms of methodology and serves…
OSWE — OffSec Web Expert
OffSec · expert · 100% practical · $1749 — official
OffSec's advanced web application exploitation certification and one of the most technically demanding AppSec credentials available. Unlike black-box web testing, OSWE focuses entirely on white-box testing — reading sour…
HTB CWES — HTB Certified Web Exploitation Specialist
Hack The Box · intermediate · 100% practical · $210 — official
Hack The Box's web exploitation certification — renamed from CBBH (Certified Bug Bounty Hunter) to CWES in October 2025, reflecting a broader scope beyond bug bounty into web exploitation specialization. 100% practical e…
HTB CWEE — HTB Certified Web Exploitation Expert
Hack The Box · expert · 100% practical · $350 — official
Hack The Box's advanced web exploitation expert certification covering source code review, custom exploit development, and complex vulnerability chaining. 100% practical exam. Held by approximately 182 professionals glob…
BSCP — Burp Suite Certified Practitioner
PortSwigger · intermediate · 100% practical · $99 — official
The most respected web application security certification in the practitioner community — a 4-hour fully hands-on proctored exam with two multi-stage web application targets and absolutely no hints. PortSwigger Web Secur…
GWAPT — GIAC Web Application Penetration Tester
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's web application penetration testing certification and DoD 8140 approved for web security roles. CyberLive hands-on component adds practical weight but remains predominantly MCQ. In the practitioner community, BSCP…
eWPT — eLearnSecurity Web Application Penetration Tester
INE Security · intermediate · 100% practical · $249 — official
INE Security's intermediate web application pentesting certification — 100% practical exam. Requires INE Premium subscription (~$749/yr) to access training with the exam voucher around $249-$399. Not DoD 8140 approved. C…
eWPTX — eLearnSecurity Web Application Penetration Tester eXtreme
INE Security · expert · 100% practical · $399 — official
INE Security's advanced web application pentesting certification covering complex exploitation techniques including deserialization, advanced XXE, SSRF chains, and custom exploit development. 100% practical exam. Not DoD…
CCT APP — CREST Certified Tester (Application)
CREST · expert · 70% practical · $4060 — official
CREST's expert application tester certification required for CHECK Team Leader status on web application engagements in the UK. Two separate exam parts with written and 6-hour practical components, totaling approximately…
PWPA — Practical Web Pentest Associate
TCM Security · beginner · 100% practical · $249 — official
TCM Security's entry-level web application pentesting certification — 100% practical 2-day exam followed by 2 days to write a professional pentest report, reviewed by human graders. Training included, one free retake, ne…
PWPP — Practical Web Pentest Professional
TCM Security · intermediate · 100% practical · $499 — official
TCM Security's intermediate-level web pentesting certification covering the full OWASP Top 10 at professional depth plus advanced exploitation techniques. 100% practical exam with report deliverable reviewed by humans. N…
PWPE — Practical Web Pentest Expert
TCM Security · expert · 100% practical · $799 — official
TCM Security's expert-level web pentesting certification launched in 2025 — their first expert-tier web credential covering advanced white-box testing, complex vulnerability chaining, and custom exploit development. 100%…
eMAPT — eLearnSecurity Mobile Application Penetration Tester
INE Security · intermediate · 100% practical · $200 — official
INE Security's mobile application pentesting certification and one of very few practical mobile security certifications available globally. 100% practical exam covering Android and iOS application security testing. Updat…
GMOB — GIAC Mobile Device Security Analyst
GIAC / SANS Institute · intermediate · 0% practical · $999 — official
GIAC's mobile security certification covering Android and iOS device security analysis and testing. DoD 8140 approved. Purely MCQ — no hands-on practical component has been confirmed. The DoD approval is GMOB's primary d…
PMPA — Practical Mobile Pentest Associate
TCM Security · beginner · 100% practical · $249 — official
TCM Security's entry-level mobile penetration testing certification covering Android and iOS application security testing. 100% practical exam, training included, one free retake, never expires. At $249 it's the most acc…
OSWP — OffSec Wireless Professional
OffSec · intermediate · 100% practical · $0 — official
OffSec's wireless security certification covering WiFi attack techniques including WEP, WPA/WPA2, and enterprise wireless attacks. 100% practical exam. Lifetime certification. Included with Learn One subscription. Not Do…
GAWN — GIAC Assessing and Auditing Wireless Networks
GIAC / SANS Institute · intermediate · 0% practical · $999 — official
GIAC's wireless security certification covering WiFi, Bluetooth, and RFID security assessment. DoD 8140 approved. Purely MCQ exam — no practical component confirmed. DoD 8140 approval is GAWN's primary value for governme…
HTB CWPE — HTB Certified Wi-Fi Pentesting Expert
Hack The Box · expert · 100% practical · $350 — official
Hack The Box's expert-level WiFi pentesting certification announced for launch in early 2026. 100% practical exam. Not yet available for registration as of April 2026 — confirmed by HTB blog but exam sitting not yet poss…
OSEP — OffSec Experienced Penetration Tester
OffSec · expert · 100% practical · $1749 — official
OffSec's advanced red team certification covering the full red team engagement lifecycle — C2 framework operation, EDR evasion, process injection, Active Directory abuse, and lateral movement. The 47h 45m practical exam …
OSCE³ — OffSec Certified Expert 3
OffSec · elite · 100% practical · $5247 — official
OffSec's elite composite designation awarded for passing all three 300-level certifications: OSEP (advanced red team), OSWE (advanced web exploitation), and OSED (Windows exploit development). No separate exam — OSCE³ is…
CRTO — Certified Red Team Operator
Zero-Point Security · intermediate · 100% practical · $505 — official
The most respected Red Team Operator certification and the primary credential for Cobalt Strike and C2 framework usage. 48 hours of active time over 4 days, outcome-based scoring, unlimited retakes included. At approxima…
CRTO II — Certified Red Team Operator II
Zero-Point Security · expert · 100% practical · $505 — official
Zero-Point Security's advanced red team certification covering detection-aware tradecraft, EDR evasion, and sophisticated post-exploitation techniques. 100% practical exam. Builds directly on CRTO foundations with a focu…
GRTP — GIAC Red Team Professional
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's red team professional certification launched in 2025 covering red team operations methodology, adversary simulation, and detection evasion. CyberLive hands-on component adds practical weight but remains predominan…
CETP — Certified Evasion Techniques Professional
Altered Security · intermediate · 100% practical · $399 — official
Altered Security's EDR evasion and defense bypass certification covering Windows internals, process injection, detection evasion, and operating against modern defensive tooling. 100% practical exam, 3-year validity with …
CCRTS — CREST Certified Red Team Specialist
CREST · expert · 70% practical · $4060 — official
CREST's red team specialist certification — renamed from CCSAS in 2025 — required for practitioners conducting CBEST, GBEST, and TIBER-EU regulated red team engagements in the UK and EU. Two exam parts with written and p…
CCRTM — CREST Certified Red Team Manager
CREST · elite · 25% practical · $4060 — official
CREST's red team management certification — renamed from CCSAM/CSTM in 2025 — targeting senior practitioners who lead red team programs rather than just execute engagements. Primarily written and planning-focused with ap…
OSED — OffSec Exploit Developer
OffSec · expert · 100% practical · $1749 — official
OffSec's Windows exploit development certification covering user-mode exploit techniques — SEH overflows, DEP/ASLR bypasses, heap exploitation, and shellcode development. The 47h 45m practical exam genuinely requires the…
OSEE — OffSec Exploitation Expert
OffSec · elite · 100% practical · $10000 — official
The most difficult OffSec certification and arguably the hardest practical security certification in the world. Covers advanced Windows kernel exploitation, advanced heap exploitation, DEP/ASLR/CFG/CET bypass techniques,…
GXPN — GIAC Exploit Researcher and Advanced Penetration Tester
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's elite-level exploit researcher and advanced penetration tester certification. DoD 8140 approved and one of the few DoD-approved credentials that gets into genuine exploit development territory. Associated with SAN…
OSMR — OffSec macOS Researcher
OffSec · expert · 100% practical · $1749 — official
OffSec's macOS security research certification covering ARM-based exploit development for Apple Silicon macOS environments — paused on November 2, 2025 with no new exams being issued. Existing credential holders retain v…
PIPA — Practical IoT Pentest Associate
TCM Security · beginner · 100% practical · $249 — official
TCM Security's IoT penetration testing certification — one of very few practical IoT offensive certifications in existence. 100% practical exam covering hardware interfaces, firmware analysis, industrial protocols, and I…
ARTE — HackTricks AWS Red Team Expert
HackTricks Training · expert · 100% practical · $1187 — official
HackTricks Training's AWS cloud red team certification widely considered the gold standard for AWS offensive security. 12-hour practical exam with 3 flags, 60-day lab access with 50+ labs, one exam attempt included. ~€1,…
AzRTE — HackTricks Azure Red Team Expert
HackTricks Training · expert · 100% practical · $1187 — official
HackTricks Training's Azure and Entra ID red team expert certification. 12-hour practical exam with 3 flags. ~€1,099 (~$1,187 USD). Not DoD 8140 approved. Covers Azure resource abuse, Entra ID attacks, hybrid identity ex…
GRTE — HackTricks GCP Red Team Expert
HackTricks Training · expert · 100% practical · $1187 — official
HackTricks Training's GCP red team expert certification covering Google Cloud Platform privilege escalation, service abuse, and lateral movement. 12-hour practical exam with 3 flags. ~€1,099 (~$1,187 USD). Not DoD 8140 a…
GCPN — GIAC Cloud Penetration Tester
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's cloud penetration testing certification covering AWS, Azure, and GCP offensive techniques. DoD 8140 approved and listed on Army and Marine Corps COOL. CyberLive component adds practical elements but remains predom…
CARTP — Certified Azure Red Team Professional
Altered Security · intermediate · 100% practical · $449 — official
Altered Security's Azure and Entra ID red team certification covering Azure resource abuse, Entra ID identity attacks, and hybrid identity exploitation. 100% practical, 30-day lab access, 3-year validity with free renewa…
CARTE — Certified Azure Red Team Expert
Altered Security · expert · 100% practical · $549 — official
Altered Security's advanced Azure red team certification covering OPSEC, detection evasion, and advanced Azure exploitation techniques. 100% practical, 3-year validity with free renewal. Builds on CARTP with a focus on o…
CRTP — Certified Red Team Professional
Altered Security · beginner · 100% practical · $249 — official
Altered Security's entry-level Active Directory red team certification — one of the most globally popular beginner AD red team credentials. 24-hour hands-on AD environment plus report. Labs run on Server 2022. At $249 fo…
CRTE — Certified Red Team Expert
Altered Security · intermediate · 100% practical · $449 — official
Altered Security's intermediate AD red team certification covering multi-forest Active Directory attacks, complex trust relationships, and advanced lateral movement. 48-hour hands-on exam plus 48 hours to write the repor…
CRTM — Certified Red Team Master
Altered Security · elite · 100% practical · $549 — official
Altered Security's elite-level Active Directory mastery certification — formerly known as PACES (Pentester Academy Certified Enterprise Security Specialist), renamed CRTM. 48-hour hands-on exam covering offense, defense …
HTB CAPE — HTB Certified Active Directory Pentesting Expert
Hack The Box · expert · 100% practical · $350 — official
Hack The Box's expert-level Active Directory pentesting certification. 100% practical exam, never expires, available with Gold Annual ($1,260/yr) or as a standalone voucher (~$350). Competes directly with Altered Securit…
CESP-ADCS — Certified Enterprise Security Professional (AD Certificate Services)
Altered Security · intermediate · 100% practical · $399 — official
Altered Security's specialized AD Certificate Services (ADCS) attack certification — covering ESC1-ESC8 attack paths, certificate template abuse, and PKI-based privilege escalation. 100% practical, 3-year validity with f…
OSAI — OffSec AI Red Teamer (OSAI / OSAI+)
OffSec · expert · 100% practical · $1749 — official
OffSec's AI red teaming certification — released March 31, 2026, making it the newest OffSec credential. Covers LLM prompt injection, jailbreaking, agentic AI attacks, and AI system exploitation methodology. 24-hour proc…
HTB COAE — HTB Certified Offensive AI Expert
Hack The Box · expert · 100% practical · $210 — official
Hack The Box's offensive AI expert certification covering advanced LLM attack techniques, prompt injection chaining, model attacks, and AI vulnerability exploitation. 100% practical. Co-developed with Google, adding tech…
GOAA — GIAC Offensive AI Analyst
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's offensive AI analyst certification covering deepfake-enabled attacks, AI-driven exploitation techniques, and AI defense evasion. CyberLive component adds practical elements to the predominantly MCQ format. DoD 814…
COASP — Certified Offensive AI Security Professional
EC-Council · expert · 25% practical · $0 — official
EC-Council's offensive AI security professional certification launched February 2026 covering LLM red teaming, model exploitation, and AI supply chain attacks. Includes hands-on lab components though full practical weigh…
PAPA — Practical AI Pentest Associate
TCM Security · beginner · 100% practical · $249 — official
TCM Security's entry-level AI penetration testing certification covering OWASP LLM Top 10, basic prompt injection, and AI application testing methodology. 100% practical exam including report writing reviewed by humans. …
PORP — Practical OSINT Research Professional
TCM Security · intermediate · 100% practical · $399 — official
TCM Security's OSINT research professional certification — one of the only practical OSINT certifications available. 3-day assessment with a professional report reviewed by human graders. Never expires. At $399 with trai…
HTB CJCA — HTB Certified Junior Cybersecurity Associate
Hack The Box · beginner · 100% practical · $105 — official
Hack The Box's entry-level cybersecurity associate certification covering both offensive and defensive fundamentals. 100% practical. Launched 2025 and included with Silver Annual subscription (~$105 equivalent). At the l…
KLCP — Kali Linux Certified Professional
OffSec · beginner · 0% practical · $0 — official
OffSec's Kali Linux certification — the only OffSec certification without a hands-on exam component, using multiple-choice format only. Validates proficiency with Kali Linux as a penetration testing platform rather than …
PT1 — TryHackMe Penetration Tester Level 1
TryHackMe · beginner · 70% practical · $297 — official
TryHackMe's practical pentesting certification, launched mid-2025. The PT1 is a 48-hour hands-on exam covering web application testing, network pentesting, and Active Directory attacks, with AI-graded report submission. …
CNPen — SecOps Group Certified Network Pentester
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250). Internal/external network pentesting. Listed in Synack Red Team's preferred pathway. Covers recon, exploitation, AD basics, and post-exploitation. Practical lab. A solid budget …
CPen — SecOps Group Certified Pentester
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250). Combined web + network pentesting credential. Black Hat co-branded as BCPen (Black Hat Certified Pentester) when offered at SecTor. Broader scope than CAPen or CNPen individuall…
CMPen-Android — SecOps Group Certified Mobile Pentester Android
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250). Android mobile pentesting — APK decompilation, Frida dynamic instrumentation, SSL pinning bypass, intent exploitation. Practical lab. One of few affordable mobile pentesting cer…
CMPen-iOS — SecOps Group Certified Mobile Pentester iOS
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250). iOS mobile pentesting — jailbreak detection bypass, Frida on iOS, IPA analysis, Keychain extraction, method swizzling. Practical lab. Pairs with CMPen-Android for full mobile co…
CRTeamer — SecOps Group Certified Red Teamer
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~5-hr practical AD CTF, £250). Full AD red team CTF — C2 setup, Kerberoasting, DCSync, lateral movement, evasion basics. Practical lab using a VPN-connected AD environment. Step toward CRTeamerX.
CRTeamerX — SecOps Group Certified Red Teamer eXpert
The SecOps Group · expert · 100% practical · $510 — official
eXpert-tier (~7-hr practical, £400). Advanced red team — BYOVD, LSASS dump evasion, complex Kerberos delegation chains, cross-forest attacks, AV/EDR bypass. SecOps Group's hardest red team credential.
C-ADPenX — SecOps Group Certified Active Directory Pentesting eXpert
The SecOps Group · expert · 100% practical · $510 — official
eXpert-tier (~7-hr practical, £400). Multi-forest AD + Entra hybrid — Kerberoasting, BloodHound path analysis, GPO abuse, ADCS ESC chains, Entra ID integration attacks. Comprehensive AD/hybrid credential at an accessible…
CBFRPro — SecOps Group Certified Binary Fuzzing and Reversing Professional
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250, mid-2025). Binary fuzzing and reverse engineering — AFL++, IDA Pro/Ghidra workflow, memory-corruption identification, crash analysis. Fills a gap in affordable RE certifications …
CKBPro — SecOps Group Certified Kiosk Breakout Professional
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250, Oct 2025). Windows Assigned Access and kiosk escape testing — bypassing locked-down environments, escalating from kiosk context to full desktop. Niche but relevant for physical s…
C-AI/MLPen — SecOps Group Certified AI/ML Pentester
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250). LLM and ML model security testing — prompt injection, OWASP LLM Top 10, model extraction, adversarial inputs. Practical hands-on exam format distinguishes it from purely theoret…
C-AgAIPen — SecOps Group Certified Agentic AI Pentester
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (£250, 2025). Agentic AI security testing — OWASP Agentic AI Top 10, tool misuse in multi-agent systems, goal hijacking, autonomous AI exploitation. One of the first certifications specifically targetin…
CRTA — CyberWarFare Labs Certified Red Team Analyst
CyberWarFare Labs · beginner · 70% practical · $99 — official
Flag-based practical exam, 6-hour window ($99). Entry-level AD red team — recon, enumeration, Kerberos attacks, lateral movement, privilege escalation. CWL's entry-point for red team certification. Heavy discounts routin…
CRTS — CyberWarFare Labs Certified Red Team Specialist v2
CyberWarFare Labs · intermediate · 70% practical · $199 — official
Practical + report, 24+24 hr ($199). Intermediate AD red team with C2 operations, Kerberos abuse, EDR evasion, and professional report requirement. v2 refreshed with modern TTPs. Positioned between CRTA and CSCO.
CRT-ID — CyberWarFare Labs Certified Red Team Infra Developer
CyberWarFare Labs · intermediate · 70% practical · $49 — official
Flag-based CTF, 6-hr ($49). Red team infrastructure development — C2 server setup, redirectors, domain fronting, phishing infrastructure, OPSEC for operators. Affordable and unique focus area.
AD-RTS — CyberWarFare Labs Active Directory Red Team Specialist
CyberWarFare Labs · intermediate · 70% practical · $49 — official
Flag-based lab, 30-day access window ($49). Deep AD exploitation — BloodHound graph analysis, Kerberoasting, AS-REP roasting, Pass-the-Hash/Ticket, DCSync, ACL abuse. Long window suits methodical learners.
CELMS — CyberWarFare Labs Certified Enterprise Lateral Movement Specialist
CyberWarFare Labs · intermediate · 70% practical · $149 — official
Practical + report, 24+24 hr, 85% pass ($149). Lateral movement specialization — credential harvesting, network pivoting, tunneling, living-off-the-land techniques across enterprise networks. Niche focus uncommon in othe…
CESC-AS — CyberWarFare Labs Certified Enterprise Security Controls Attack Specialist
CyberWarFare Labs · intermediate · 70% practical · $299 — official
24-hr practical + report ($299). Enterprise security control bypass — EDR/AV evasion, AMSI bypass, ETW patching, security tooling blind-spots. Practical lab against hardened environments. Strong complement to CRTS.
CWI-RTO — CyberWarFare Labs Certified Windows Internals Red Team Operator
CyberWarFare Labs · intermediate · 70% practical · $299 — official
Practical + report, 12+12 hr, 75% pass ($299). Windows internals for red teamers — process injection techniques, token manipulation, handle inheritance abuse, EDR blind spots via Windows internals knowledge. Bridges tool…
CSCO — CyberWarFare Labs Certified Stealth Cyber Operator
CyberWarFare Labs · expert · 100% practical · $599 — official
Timed practical, instructor-evaluated ($599). CWL's top-tier red team credential. Advanced stealth operations — OPSEC-conscious adversary simulation, advanced evasion, complex AD exploitation. Instructor-reviewed report.
CEDP — CyberWarFare Labs Certified Exploit Development Professional
CyberWarFare Labs · intermediate · 70% practical · $199 — official
Practical + report, 24+24 hr, 85% pass ($199). Exploit development — stack/heap overflows, ROP chains, shellcode development, DEP/ASLR bypass techniques. Affordable entry into binary exploitation credentialing.
CRT-COI — CyberWarFare Labs Certified Red Team CredOps Infiltrator
CyberWarFare Labs · intermediate · 25% practical · $59 — official
MCQ, 100% pass, unlimited attempts ($59). Credential operations and access — password attacks, NTLM hash dumping, credential spraying, pass-the-hash. Lower bar entry-level credential. MCQ format.
CPTA — CyberWarFare Labs Certified Purple Team Analyst v2
CyberWarFare Labs · intermediate · 70% practical · $199 — official
Practical, instructor-evaluated ($199). Purple team operations — structured attack-detect-respond cycles, ATT&CK mapping, detection rule validation, offensive and defensive perspective integration. v2 refreshed with mode…
COPO — CyberWarFare Labs Certified Offensive Phishing Operator
CyberWarFare Labs · beginner · 50% practical · $99 — official
Completion-based ($99). Offensive phishing operations — GoPhish/Evilginx setup, email spoofing, phishing page creation, credential harvesting infrastructure, anti-detection techniques.
CPIA — CyberWarFare Labs Certified Process Injection Analyst
CyberWarFare Labs · intermediate · 25% practical · $49 — official
MCQ, 100% pass, unlimited attempts ($49). Process injection techniques — DLL injection, reflective injection, process hollowing, APC injection. MCQ format covering theory and use-case identification.
ELPT — White Knight Labs Entry Level Penetration Tester Certification
White Knight Labs · beginner · 100% practical · $450 — official
WKL's entry-level certification. 48-hr practical + 48-hr professional report. Full pentest lifecycle — recon, enumeration, exploitation, post-exploitation, pivoting, and commercial-grade report writing. All practical, no…
OADOC — White Knight Labs Offensive Active Directory Operations Certification
White Knight Labs · intermediate · 100% practical · $1200 — official
WKL's AD specialist certification. 48-hr practical + 48-hr report in a private AWS-hosted AD lab. Modern AD exploitation — Kerberos delegation abuse, ADCS ESC chains, AD Federation Services attacks, SCCM exploitation, cr…
ARTOC — White Knight Labs Advanced Red Team Operations Certification
White Knight Labs · expert · 100% practical · $2000 — official
WKL's flagship red team certification. 48-hr practical + 48-hr report, Cobalt Strike + Havoc in stigs-corp.local lab. Multi-cloud C2 infrastructure (redirectors on AWS/Azure/GCP CDNs), advanced AD + ADCS exploitation, an…
ODPC — White Knight Labs Offensive Development Practitioner Certification
White Knight Labs · intermediate · 100% practical · $500 — official
WKL's malware and offensive development certification. $500 on-demand (most affordable WKL cert), $2,200 live (DEF CON 2025). Offensive tool/implant development in C and Go — AMSI bypass, ETW patching, process injection …
OMSE — 8kSec Offensive Mobile Security Expert
8kSec · elite · 100% practical · $119 — official
8kSec's elite-tier mobile security credential covering iOS and Android userland and kernel-level offensive operations. Hands-on practical exam in a Corellium ARM virtualization environment with written report graded by t…
CMSE — 8kSec Certified Mobile Security Engineer
8kSec · expert · 100% practical · $119 — official
8kSec's mobile application security engineering credential. 48-hour practical exam with 5 levels of varying difficulty in a Corellium iOS and Android lab, with written report graded by 8kSec experts within 3 business day…
OAAE — 8kSec Offensive ARM Exploitation Expert
8kSec · expert · 100% practical · $119 — official
8kSec's ARM64 exploitation credential covering vulnerability discovery and exploit development on AARCH64 architectures in a Corellium virtualized environment. Hands-on practical exam with written report. Bundled with th…
CISR — 8kSec Certified iOS Security Researcher
8kSec · expert · 100% practical · $119 — official
8kSec's iOS security research credential — deeper than CISE, covering iOS internals for security researchers rather than app testers. Hands-on practical exam in Corellium with written report. Bundled with Offensive iOS I…
CASR — 8kSec Certified Android Security Researcher
8kSec · expert · 100% practical · $119 — official
8kSec's Android security research credential — deeper than CASE, covering Android internals for security researchers. Hands-on practical exam in Corellium with written report. Bundled with Offensive Android Internals cou…
GEVA — GIAC Enterprise Vulnerability Assessor
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
**Status:** Officially in abeyance — no longer available for purchase, CPE renewal only. GIAC's enterprise vulnerability assessment certification — currently in abeyance, meaning no new exam vouchers are being sold, but …

Digital Forensics & Incident Response (56 certs)

Digital forensics, memory and mobile forensics, incident response, malware analysis, and threat hunting across enterprise and cloud environments.

GCFE — GIAC Certified Forensic Examiner
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
The entry-level GIAC forensics cert focused exclusively on Windows endpoint forensics. Covers the full Windows artifact landscape — registry, LNK files, shellbags, browser history, email artifacts, and prefetch. Well res…
GX-FE — GIAC Experienced Forensic Examiner
GIAC / SANS Institute · expert · 100% practical · $1299 — official
The 100% hands-on Applied Knowledge tier of GCFE — entirely CyberLive virtual environment with no multiple choice. Tests whether you can actually perform forensic analysis under time pressure, not just recall concepts. P…
GCFA — GIAC Certified Forensic Analyst
GIAC / SANS Institute · expert · 25% practical · $999 — official
The advanced GIAC forensics cert and the most respected DFIR credential in enterprise environments alongside GCFE. Covers advanced memory forensics, timeline super-analysis, threat hunting through forensic data, and anti…
GX-FA — GIAC Experienced Forensic Analyst
GIAC / SANS Institute · elite · 100% practical · $1299 — official
The 100% hands-on Applied Knowledge version of GCFA — the most rigorous DFIR certification available from GIAC. Entirely CyberLive-based, requiring you to actually perform complex forensic analysis in a virtual environme…
GBFA — GIAC Battlefield Forensics and Acquisition
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
Focused on rapid forensic triage and evidence acquisition in field environments — first responder forensics rather than lab analysis. Covers live system triage, mobile acquisition, and rapid data collection under operati…
GCIH — GIAC Certified Incident Handler
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
One of the most widely recognized incident response certifications globally, and a benchmark credential for SOC and IR roles. Covers the full incident response lifecycle from detection through containment, eradication, a…
GX-IH — GIAC Experienced Incident Handler
GIAC / SANS Institute · expert · 100% practical · $1299 — official
The 100% hands-on Applied Knowledge tier of GCIH — entirely CyberLive virtual environment exam. Forces candidates to actually handle simulated incidents rather than answering questions about how they would. Launched as p…
GEIR — GIAC Enterprise Incident Response
GIAC / SANS Institute · expert · 25% practical · $999 — official
An advanced IR cert specifically designed for enterprise-scale and cloud-hybrid incidents — the area where GCIH falls short. Covers EDR-driven investigation, cloud incident response across AWS/Azure/GCP, threat hunting a…
GLIR — GIAC Linux Incident Responder
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
One of very few certifications dedicated specifically to Linux forensics and incident response — a gap that has become increasingly critical as Linux dominates server, cloud, and container environments. Covers Linux arti…
GNFA — GIAC Network Forensic Analyst
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
The primary network-focused forensics certification, covering deep packet inspection, protocol analysis, and network artifact reconstruction. Teaches analysts to work from network evidence rather than host artifacts — an…
GCFR — GIAC Cloud Forensics Responder
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
Currently the only dedicated cloud forensics certification on the market — a domain with almost no other credentialing options. Covers forensic investigation and incident response across AWS, Azure, and GCP, including lo…
GREM — GIAC Reverse Engineering Malware
GIAC / SANS Institute · expert · 25% practical · $999 — official
The gold standard malware analysis certification and one of the most technically demanding GIAC credentials. Covers static and dynamic analysis, assembly language, unpacking, obfuscation techniques, and IOC extraction fr…
GASF — GIAC Advanced Smartphone Forensics
GIAC / SANS Institute · expert · 25% practical · $999 — official
One of very few advanced mobile forensics certifications and the primary GIAC option for smartphone investigation. Covers deep iOS and Android forensics including app data analysis, cloud backup investigation, encryption…
GIME — GIAC iOS and macOS Examiner
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
Specialized forensics certification covering Apple's entire ecosystem — iOS devices, macOS computers, and iCloud — which share artifacts and investigation methodologies across the Apple stack. Covers APFS forensics, iOS …
OSDA — OffSec Defense Analyst
OffSec · beginner · 100% practical · $1749 — official
OffSec's entry into the defensive/SOC certification space, bringing their 100% practical exam approach to blue team work. Covers SOC analyst workflow, log analysis, alert triage, and basic incident response using real la…
OSTH — OffSec Threat Hunter
OffSec · intermediate · 100% practical · $1749 — official
OffSec's practical threat hunting certification, bringing their hands-on exam approach to proactive detection. Covers hypothesis-driven hunting methodologies, EDR-based hunting, network-level hunting, and TTP-based detec…
OSIR — OffSec Incident Responder
OffSec · intermediate · 100% practical · $1749 — official
OffSec's practical incident response certification covering the full IR lifecycle in a hands-on exam environment. Covers evidence collection, host and network triage, malware identification, containment, and documentatio…
BTL1 — Blue Team Level 1
Security Blue Team · beginner · 70% practical · $500 — official
One of the best entry-level blue team certifications on the market and frequently recommended as a starting point for aspiring SOC analysts and DFIR practitioners. The 24-hour practical exam covers phishing analysis, dig…
BTL2 — Blue Team Level 2
Security Blue Team · intermediate · 70% practical · $599 — official
The advanced tier of the Security Blue Team certification path, covering memory forensics, malware analysis, threat hunting, and advanced SIEM work. Maintains the same highly practical 24-hour exam format as BTL1 but at …
CCDL1 — Certified CyberDefender Level 1
CyberDefenders · beginner · 70% practical · $299 — official
The entry-level tier of CyberDefenders' new two-level certification structure (rebranded from CCD in March 2025). Targets associate-level SOC analysts entering the field with a practical lab-based exam. CyberDefenders' p…
CCDL2 — Certified CyberDefender Level 2
CyberDefenders · intermediate · 70% practical · $399 — official
The intermediate tier of CyberDefenders' certification path (formerly called CCD, rebranded March 2025 when the two-level structure was introduced). Covers more advanced defensive analysis including threat hunting and in…
CDSA — HTB Certified Defensive Security Analyst
Hack The Box · intermediate · 100% practical · $210 — official
HTB's defensive security certification bringing their well-regarded practical exam format to the blue team space. 100% hands-on exam covering SOC analysis, log investigation, basic forensics, and incident response. Not D…
PMRP — Practical Malware Research Professional
TCM Security · intermediate · 100% practical · $499 — official
TCM Security's practical malware analysis certification covering static and dynamic analysis, sandbox investigation, IOC extraction, and report writing — all assessed through a practical exam. Not DoD 8140 approved but T…
MDFIR — Certified DFIR Specialist
Mosse Institute (MCSI) · intermediate · 100% practical · $450 — official
Mosse Institute's DFIR certification using their portfolio-based assessment model rather than a traditional proctored exam — candidates complete practical exercises that are reviewed and graded by instructors. This non-t…
MRE — Certified Reverse Engineer
Mosse Institute (MCSI) · intermediate · 100% practical · $450 — official
Mosse Institute's reverse engineering and malware analysis certification using their portfolio-based assessment model. Covers reverse engineering fundamentals, assembly analysis, and malware investigation through practic…
MTH — Certified Threat Hunter
Mosse Institute (MCSI) · intermediate · 100% practical · $450 — official
Mosse Institute's threat hunting certification using their portfolio-based exercise model. Covers threat hunting methodology, hypothesis-driven approaches, and behavioral analysis through graded practical exercises. Same…
CHFI — Computer Hacking Forensic Investigator
EC-Council · intermediate · 25% practical · $500 — official
EC-Council's forensics certification and the DoD 8140 approved option in the digital forensics space from that vendor. Covers broad forensics methodology including acquisition, analysis, and reporting across multiple evi…
ECIH — EC-Council Certified Incident Handler
EC-Council · intermediate · 25% practical · $450 — official
EC-Council's incident handling certification and a DoD 8140 option for IR roles. Covers the incident response lifecycle with broad coverage across multiple incident types. DoD 8140 approved which is its main value in the…
CCO — Cellebrite Certified Operator
Cellebrite · beginner · 50% practical · $800 — official
Entry-level Cellebrite certification for operating UFED extraction tools. Validates basic proficiency with Cellebrite's mobile device extraction platform which dominates law enforcement mobile forensics globally. Require…
CCPA — Cellebrite Certified Physical Analyst
Cellebrite · intermediate · 50% practical · $1200 — official
Intermediate Cellebrite certification covering physical extraction techniques, advanced acquisition methods, and deeper mobile artifact analysis using Cellebrite tools. More technically demanding than CCO and covers devi…
CCME — Cellebrite Certified Mobile Examiner
Cellebrite · expert · 70% practical · $1500 — official
The advanced Cellebrite certification demonstrating expert-level proficiency across the full Cellebrite toolset. Covers complex mobile investigations, advanced artifact correlation, and expert witness preparation. The hi…
CASA — Cellebrite Advanced Smartphone Analysis
Cellebrite · expert · 70% practical · $1400 — official
Specialized Cellebrite certification focused specifically on deep smartphone artifact analysis rather than broad platform operation. Covers application-level artifacts, encrypted data analysis, and behavioral reconstruct…
CCRS — Cellebrite Certified Recovery Specialist
Cellebrite · expert · 70% practical · $1600 — official
Highly specialized Cellebrite certification focused on data recovery from damaged, locked, or otherwise inaccessible devices. Covers advanced recovery techniques including Cellebrite Premium capabilities, JTAG awareness,…
MCFE — Magnet Certified Forensics Examiner
Magnet Forensics · intermediate · 50% practical · $500 — official
Magnet Forensics' certification for their AXIOM platform — the main competitor to Cellebrite in the mobile and digital forensics tool market. Covers Magnet AXIOM operation for computer, mobile, and cloud evidence analysi…
ACE — AccessData Certified Examiner
Exterro (formerly AccessData) · beginner · 25% practical · $0 — official
Exterro's (formerly AccessData) free certification for their FTK (Forensic Toolkit) platform — one of the most widely deployed forensic tools in law enforcement and enterprise. Free to obtain when bundled with FTK traini…
EnCE — EnCase Certified Examiner
OpenText · intermediate · 50% practical · $450 — official
OpenText's (formerly Guidance Software) certification for the EnCase forensic platform — historically one of the most recognized tool vendor certs in digital forensics, particularly in law enforcement and large enterpris…
CPIA — CREST Practitioner Intrusion Analyst
CREST · beginner · 50% practical · $500 — official
Entry-level CREST certification for intrusion analysis — the first step on the CREST IR pathway. Primarily recognized in the UK, Australia, Singapore, and EU where CREST accreditation carries regulatory weight. Little re…
CRIA — CREST Registered Intrusion Analyst
CREST · intermediate · 70% practical · $1000 — official
Intermediate CREST certification for intrusion analysts, required for working on CREST-accredited IR engagements in the UK and other CREST regions. More rigorous than CPIA with a significant practical component. Recogniz…
CCIM — CREST Certified Incident Manager
CREST · expert · 50% practical · $2000 — official
Senior CREST certification for incident response leadership and management — covers managing IR engagements rather than performing technical analysis. Required for leading CREST-accredited IR engagements in regulated mar…
CFR — CyberSec First Responder
CertNexus · intermediate · 25% practical · $350 — official
CertNexus's DoD 8140 approved incident response certification, filling a specific need in the government contractor space where approved certs are required. Covers threat assessment, IR process, and basic forensics. DoD …
eCDFP — eLearnSecurity Certified Digital Forensics Professional
INE Security · intermediate · 100% practical · $400 — official
INE Security's practical digital forensics certification covering disk, memory, and network forensics through a hands-on exam. 100% practical format consistent with eLearnSecurity's approach across their certification po…
CFCE — IACIS Certified Forensic Computer Examiner
IACIS · intermediate · 70% practical · $800 — official
IACIS's flagship credential and the only digital forensics certification accredited by the Forensic Specialties Accreditation Board (FSAB) — placing it in the same accreditation tier as traditional forensic science disci…
CAWFE — IACIS Certified Advanced Windows Forensic Examiner
IACIS · expert · 50% practical · $800 — official
IACIS's advanced Windows forensics credential, covering registry forensics, advanced artifact parsing, and file-system edge cases mapped to the August 2023 Windows Forensic Examiner Core Competencies document. The exam i…
ICMDE — IACIS Certified Mobile Device Examiner
IACIS · intermediate · 50% practical · $800 — official
IACIS's mobile device forensics credential covering extraction, decoding, decryption, and analysis of mobile devices. The exam runs as a 48-hour written window followed by a 48-hour practical window, each requiring 80%. …
Z2A — Zero2Automated Advanced Malware Analysis Certification
0ffset Training Solutions · expert · 70% practical · $390 — official
Zero2Automated is widely regarded as the best-value advanced malware analysis course and certification available — practitioners on r/blueteamsec and malware.news consistently rate its content above GREM in practical dep…
IWE — Investigating Windows Endpoints
13Cubed · intermediate · 50% practical · $795 — official
13Cubed's Windows endpoint forensics certification by Richard Davis (Microsoft DART, former SANS instructor) — widely regarded as the highest-quality affordable alternative to SANS FOR500/GCFE. Covers the full Windows ar…
IWM — Investigating Windows Memory
13Cubed · intermediate · 50% practical · $795 — official
13Cubed's Windows memory forensics certification covering Volatility 2/3 and MemProcFS in significantly more depth than SANS FOR508. Topics include process enumeration, code injection detection (basic, reflective DLL inj…
ILD — Investigating Linux Devices
13Cubed · intermediate · 50% practical · $895 — official
13Cubed's Linux forensics certification covering Linux log analysis, ext2/3/4 and other file systems, persistence mechanisms, systemd artifacts, SSH key forensics, evidence collection with dd/dcfldd/AVML/UAC, and Linux m…
IME — Investigating macOS Endpoints
13Cubed · intermediate · 50% practical · $895 — official
13Cubed's macOS forensics certification covering Apple Silicon and Intel Mac investigation — Unified Logging, APFS/HFS+ file systems, macOS-specific artifacts (FSEvents, knowledgeC.db, Biome, .DS_Store), persistence mech…
CAMRE — 8kSec Certified Android Malware Reverse Engineer
8kSec · intermediate · 100% practical · $119 — official
8kSec's Android malware reverse engineering credential. Hands-on practical lab exam in a Corellium ARM environment covering Android malware analysis — reversing Smali/Java/Kotlin/native binaries, identifying obfuscation …
CIMRE — 8kSec Certified iOS Malware Researcher
8kSec · intermediate · 100% practical · $119 — official
8kSec's iOS malware researcher credential. Hands-on practical exam in a Corellium iOS environment covering iOS malware analysis — reversing Objective-C/Swift binaries, identifying anti-analysis techniques, and analyzing …
CMMRE — 8kSec Certified Mobile Malware Reverse Engineer
8kSec · expert · 100% practical · $119 — official
8kSec's cross-platform mobile malware reverse engineering credential — the capstone of the malware analysis track covering both iOS and Android. 8kSec positions this as the definitive benchmark for senior mobile malware …
GRID — GIAC Response and Industrial Defense
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's advanced OT/ICS certification focused specifically on incident response and forensic investigation in industrial environments — the blue team companion to GICSP. Covers active defense, network monitoring, threat h…
GCIL — GIAC Cyber Incident Leader
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's incident response leadership certification covering the management and coordination of large-scale incident response operations — launched 2025. Addresses the gap between technical IR skill and the leadership capa…
GCTI — GIAC Cyber Threat Intelligence
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
The primary GIAC certification for cyber threat intelligence and the most recognized vendor-neutral CTI credential globally. Covers the intelligence cycle, TTP analysis, MITRE ATT&CK application, threat actor profiling, …
CTIA — Certified Threat Intelligence Analyst
EC-Council · intermediate · 25% practical · $450 — official
EC-Council's threat intelligence certification covering the intelligence lifecycle, IOC analysis, threat actor profiling, OSINT, dark web intelligence, and reporting. Not DoD 8140 approved, which limits its appeal versus…

Defensive Security / SOC (48 certs)

Security operations, SOC analysis, SIEM operations, detection engineering, and endpoint detection and response platforms.

CBTeamerX — SecOps Group Certified Blue Teamer eXpert
The SecOps Group · expert · 70% practical · $510 — official
eXpert-tier (~7-hr practical multi-stage APT investigation, £400, Jan 2026). Advanced blue team — multi-stage APT investigation across on-prem AD and cloud environments. Covers cloud forensics, advanced memory analysis, …
MCBTA — CyberWarFare Labs Certified Multi-Cloud Blue Team Analyst
CyberWarFare Labs · beginner · 70% practical · $49 — official
30+ flag-based challenges ($49). Multi-cloud defensive analysis — threat detection, log analysis, and incident investigation across AWS, Azure, and GCP. Defensive counterpart to MCRTA.
Security+ — CompTIA Security+
CompTIA · beginner · 25% practical · $392 — official
The most widely recognized entry-level security certification globally and the de facto baseline for government and contractor security roles under DoD 8140. Covers a broad range of security concepts from network securit…
CySA+ — CompTIA Cybersecurity Analyst+
CompTIA · intermediate · 25% practical · $392 — official
CompTIA's intermediate blue team certification targeting SOC analysts and threat detection roles. Covers threat detection, log analysis, vulnerability management, and incident response at a level above Security+ but belo…
CC — Certified in Cybersecurity
ISC2 · beginner · 0% practical · $0 — official
ISC2's entry-level certification designed to bring newcomers into cybersecurity, currently offered for free as part of ISC2's one million certified campaign. Covers foundational security principles, access controls, netw…
SSCP — Systems Security Certified Practitioner
ISC2 · intermediate · 0% practical · $249 — official
ISC2's practitioner-level certification below CISSP, targeting security operations and administration roles. Covers access controls, security operations, risk identification, incident response, and cryptography at a hand…
GSEC — GIAC Security Essentials
GIAC / SANS Institute · beginner · 25% practical · $999 — official
GIAC's entry-level broad security certification and a DoD 8140 approved baseline credential. Covers a wide range of security essentials across networking, cryptography, access control, and incident handling — broader and…
GCDA — GIAC Certified Detection Analyst
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's certification focused specifically on detection engineering and building effective detection capabilities — an area where most other certs fall short. Covers developing and tuning SIEM rules, behavioral detection,…
SC-200 — Microsoft Certified: Security Operations Analyst Associate
Microsoft · intermediate · 25% practical · $165 — official
Microsoft's SOC analyst certification covering Sentinel (SIEM/SOAR), Microsoft Defender XDR suite, and security operations workflows in the Microsoft ecosystem. If your organization runs Microsoft security products — whi…
SC-900 — Microsoft Certified: Security, Compliance, and Identity Fundamentals
Microsoft · beginner · 0% practical · $165 — official
Microsoft's entry-level security fundamentals cert covering basic concepts across the Microsoft security, compliance, and identity portfolio. Intended as a starting point before SC-200, SC-300, or SC-400. Very surface-le…
CyberOps Associate — Cisco Certified CyberOps Associate
Cisco · beginner · 25% practical · $330 — official
Cisco's entry-level SOC analyst certification covering security monitoring, host-based analysis, network intrusion analysis, and incident response fundamentals. DoD 8140 approved which is its strongest selling point over…
CyberOps Professional — Cisco Certified CyberOps Professional
Cisco · expert · 25% practical · $400 — official
Cisco's advanced SOC certification requiring two exams (350-201 core + one concentration), covering advanced threat analysis, SOC operations, automation, forensics, and threat hunting at a senior level. DoD 8140 approved…
CND — Certified Network Defender
EC-Council · intermediate · 25% practical · $450 — official
EC-Council's network defense certification covering network security administration, IDS/IPS, firewalls, VPNs, and incident response from a network perspective. DoD 8140 approved which is its primary value in the market.…
SPLK-1001 — Splunk Core Certified User
Splunk (Cisco) · beginner · 0% practical · $130 — official
Splunk's entry-level certification covering basic search, reporting, and dashboarding in the Splunk platform. The starting point for the Splunk certification path and a natural first step for SOC analysts working in Splu…
SPLK-1002 — Splunk Core Certified Power User
Splunk (Cisco) · intermediate · 0% practical · $130 — official
Splunk's intermediate certification covering advanced SPL queries, data models, knowledge objects, and CIM usage — the skills needed to build meaningful security content in Splunk. More practically useful than SPLK-1001 …
SPLK-5001 — Splunk Certified Cybersecurity Defense Analyst
Splunk (Cisco) · intermediate · 0% practical · $130 — official
Splunk's new SOC analyst-focused certification launched in 2025, covering security monitoring, alert investigation, and incident analysis specifically within the Splunk Enterprise Security platform. The most directly rel…
SPLK-5002 — Splunk Certified Cybersecurity Defense Engineer
Splunk (Cisco) · expert · 0% practical · $130 — official
Splunk's advanced cybersecurity engineering cert covering detection rule development, Splunk ES configuration, SOAR integration, and security content engineering — building and tuning the tools rather than just using the…
SPLK-3001 — Splunk Enterprise Security Certified Admin
Splunk (Cisco) · expert · 0% practical · $130 — official
The legacy Splunk Enterprise Security administration certification, now frozen as of January 2026 — exam content will no longer be updated though the cert can still be earned and renewed. Covers administration of Splunk …
CCFA — CrowdStrike Certified Falcon Administrator
CrowdStrike · intermediate · 0% practical · $250 — official
CrowdStrike's entry-level platform administration cert covering Falcon console navigation, policy management, host management, and reporting. Targets administrators deploying and managing Falcon rather than analysts inve…
CCFR — CrowdStrike Certified Falcon Responder
CrowdStrike · intermediate · 0% practical · $250 — official
CrowdStrike's SOC analyst certification covering alert investigation, threat graph analysis, real-time response, and detection triage within the Falcon platform. The most relevant CrowdStrike cert for front-line SOC anal…
CCFH — CrowdStrike Certified Falcon Hunter
CrowdStrike · expert · 0% practical · $250 — official
CrowdStrike's advanced threat hunting certification covering hypothesis-driven hunting, CrowdStrike Query Language (CQL), behavioral analysis, and adversary intelligence-driven hunting within the Falcon ecosystem. Update…
PANW SecOps Professional — Palo Alto Networks Certified Security Operations Professional
Palo Alto Networks · intermediate · 0% practical · $200 — official
Palo Alto Networks' intermediate SOC operations certification covering Cortex XDR and XSIAM for security operations. Part of the new role-based framework that replaced all legacy Palo Alto certs in 2025. Delivered in-per…
PANW XDR Analyst — Palo Alto Networks Certified XDR Analyst
Palo Alto Networks · intermediate · 0% practical · $250 — official
Palo Alto Networks' specialist-level certification for analysts working specifically with Cortex XDR — the EDR/XDR platform. Covers alert triage, behavioral analytics, and investigation workflows within the Cortex XDR co…
PANW XSIAM Analyst — Palo Alto Networks Certified XSIAM Analyst
Palo Alto Networks · intermediate · 0% practical · $250 — official
Palo Alto Networks' analyst-level certification for their XSIAM (Extended Security Intelligence and Automation Management) platform — their AI-driven SOC platform combining SIEM, SOAR, and threat intelligence. In-person …
PANW XSOAR Engineer — Palo Alto Networks Certified XSOAR Engineer
Palo Alto Networks · expert · 0% practical · $250 — official
Palo Alto Networks' engineering certification for XSOAR (Cortex XSOAR), their SOAR platform for security automation and orchestration. Covers playbook development, integration engineering, and workflow automation — build…
PSAA — Practical SOC Analyst Associate
TCM Security · beginner · 100% practical · $249 — official
TCM Security's entry-level SOC analyst certification with a 100% practical exam format — candidates investigate simulated security incidents and produce a professional report, assessed by human reviewers. No multiple cho…
PSAP — Practical SOC Analyst Professional
TCM Security · intermediate · 100% practical · $499 — official
TCM Security's advanced SOC analyst certification covering threat hunting, enterprise incident response, and intrusion reconstruction through a 3-day practical exam in a corporate network environment. Candidates investig…
GDAT — GIAC Defending Advanced Threats
GIAC · expert · 25% practical · $979 — official
GIAC's advanced threat defense and threat hunting certification associated with SANS SEC599. Covers threat hunting methodology, behavioral analytics, adversary profiling, and detection of sophisticated intrusions that by…
GSOM — GIAC Security Operations Manager
GIAC · expert · 25% practical · $949 — official
GIAC's security operations management certification associated with SANS LDR551. The only dedicated SOC management credential available — covers SOC architecture design, analyst development programs, metrics and KPIs, de…
GX-CS — GIAC Experienced Cybersecurity Specialist
GIAC · expert · 100% practical · $1299 — official
GIAC's Applied Knowledge certification linked to GSEC — the Experienced Cybersecurity Specialist. Part of the GX-series launched in 2024, all of which are 100% CyberLive hands-on exams that test real-world capability thr…
GX-IA — GIAC Experienced Intrusion Analyst
GIAC · expert · 100% practical · $1299 — official
GIAC's Applied Knowledge certification linked to GCIA — the Experienced Intrusion Analyst. Part of the GX-series (2024), 100% CyberLive hands-on exam. GX-IA validates the ability to solve complex, multi-step intrusion an…
CCOA — ISACA Certified Cybersecurity Operations Analyst
ISACA · intermediate · 25% practical · $760 — official
ISACA's 2025 technical cybersecurity operations certification — their first credential with performance-based questions alongside MCQ. CCOA uses a hybrid 4-hour exam format: traditional multiple-choice plus hands-on lab …
CCIS — CrowdStrike Certified Identity Specialist
CrowdStrike · intermediate · 0% practical · $250 — official
CrowdStrike's Falcon Identity Protection certification. Validates the ability to manage identity-based risk in the Falcon domain — assessing user and entity risks, investigating identity-based detections, managing MFA an…
CCCS — CrowdStrike Certified Cloud Specialist
CrowdStrike · intermediate · 0% practical · $250 — official
CrowdStrike's Falcon Cloud Security certification (exam code CCCS-203b). Validates cloud security operations using the CrowdStrike Falcon CNAPP ecosystem — analyzing cloud asset activities, detecting adversarial behavior…
CSOM — Security Blue Team Certified Security Operations Manager
Security Blue Team · expert · 50% practical · $2480 — official
Security Blue Team's advanced SOC management certification, launched January 2024. Targets established or aspiring security operations managers with 2+ years of hands-on SOC experience — only candidates who meet the expe…
CJDE — Security Blue Team Certified Junior Detection Engineer
Security Blue Team · beginner · 70% practical · $495 — official
Security Blue Team's detection engineering certification launched September 2025, targeting junior analysts and SOC practitioners with 1-3 years of IT or security experience. Addresses a recognized gap — most detection e…
SAL1 — TryHackMe Security Analyst Level 1
TryHackMe · beginner · 50% practical · $349 — official
TryHackMe's first formal certification, launched February 2025, targeting analysts with 0-2 years of experience. The SAL1 uses a hybrid format — MCQ sections alongside a SOC simulation environment — delivered as a 24-hou…
EX415 — Red Hat Certified Specialist in Security: Linux
Red Hat · intermediate · 100% practical · $500 — official
Red Hat's security-focused Linux specialist certification (exam EX415), covering SELinux policy management, OpenSCAP compliance scanning, AIDE intrusion detection, Ansible-based security automation, and the Linux audit s…
CBTP — SecOps Group Certified Blue Team Practitioner
The SecOps Group · beginner · 0% practical · $32 — official
Essentials-tier (60-min MCQ, £25, 2025). SOC and blue team fundamentals — SIEM basics, DFIR workflow, malware analysis concepts, incident response process. Entry-level blue team MCQ credential.
CSEDP — SecOps Group Certified Social Engineering Defense Practitioner
The SecOps Group · beginner · 0% practical · $32 — official
Essentials-tier (60-min MCQ, £25, late 2025). Social engineering defense fundamentals — phishing, vishing, impersonation, pretexting, and human-factor security awareness. MCQ only.
CDP — Practical DevSecOps Certified DevSecOps Professional
Practical DevSecOps · intermediate · 100% practical · $899 — official
Practical DevSecOps's flagship certification — widely cited as the most recognized DevSecOps credential. 5 task-based challenges, 6-hour browser-based lab + 24-hour report, 80% pass. Covers building secure CI/CD pipeline…
CDE — Practical DevSecOps Certified DevSecOps Expert
Practical DevSecOps · expert · 100% practical · $1199 — official
Practical DevSecOps's advanced DevSecOps certification — the most technically demanding in the PDSO catalog due to its 24-hour exam window. 5 task-based challenges, 24-hour lab + 24-hour written report, 70% pass threshol…
CSSE — Practical DevSecOps Certified Software Supply Chain Security Expert
Practical DevSecOps · intermediate · 100% practical · $799 — official
Practical DevSecOps's software supply chain security certification. 5 task-based challenges, 6-hour lab + 24-hour report, 80% pass. Covers SBOM generation and consumption, SLSA framework implementation, artifact signing …
CCSA — Check Point Certified Security Administrator
Check Point · beginner · 25% practical · $250 — official
Check Point's entry-level security certification covering SmartConsole administration, security policy management, NAT, and basic VPN configuration. Not DoD 8140 approved. Check Point has significant market presence in f…
CCSE — Check Point Certified Security Expert
Check Point · intermediate · 25% practical · $350 — official
Check Point's expert-level security certification covering advanced administration, VPN clustering, troubleshooting, and performance optimization for Check Point security environments. Not DoD 8140 approved. Expected for…
GCIA — GIAC Certified Intrusion Analyst
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's intrusion analysis certification covering deep packet inspection, protocol analysis, network forensics, and IDS/IPS tuning. DoD 8140 approved and consistently in demand for network security analyst and SOC roles. …
CBTeamer — SecOps Group Certified Blue Teamer
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-5 hr practical DFIR, £250). Hands-on blue team investigation — PCAP analysis, Sysmon log analysis, memory forensics, malware triage. Live lab environment. Step toward CBTeamerX.
CCSE — CyberWarFare Labs Certified Cyber Security Engineer
CyberWarFare Labs · intermediate · 70% practical · $199 — official
Practical + report, 24+24 hr ($199). Broad cyber security engineering — system hardening, network security design, security controls implementation, incident response. Defensive counterpart to the CWL red team stack.

Cloud Security (34 certs)

Cloud security architecture, AWS/Azure/GCP security engineering, container security, Zero Trust, and cloud-native security operations.

CCSP — Certified Cloud Security Professional
ISC2 · expert · 0% practical · $599 — official
The gold standard vendor-neutral cloud security certification and the most recognized cloud security credential globally for senior roles. Covers the full cloud security domain across architecture, data security, platfor…
CCSK — Certificate of Cloud Security Knowledge
Cloud Security Alliance (CSA) · intermediate · 0% practical · $395 — official
The Cloud Security Alliance's foundational cloud security certification and one of the most recognized vendor-neutral cloud security credentials at the intermediate level. Based on the CSA's Security Guidance and the ENI…
CCAK — Certificate of Cloud Auditing Knowledge
Cloud Security Alliance (CSA) / ISACA · intermediate · 0% practical · $395 — official
A joint CSA and ISACA certification covering cloud auditing methodology, controls assessment using the CSA Cloud Controls Matrix (CCM), and governance auditing. Fills the gap between technical cloud security and complian…
AWS Security Specialty — AWS Certified Security – Specialty
Amazon Web Services · expert · 0% practical · $300 — official
The most recognized cloud security certification for AWS environments and a near-requirement for senior cloud security roles in AWS-heavy organizations. Covers IAM, network security, data protection, logging, monitoring,…
GCP Security Engineer — Google Cloud Professional Cloud Security Engineer
Google Cloud · expert · 0% practical · $200 — official
Google Cloud's security engineering certification covering IAM, network security, data protection, and security operations within the GCP ecosystem. Less commonly required than AWS Security Specialty or AZ-500 purely bec…
GCSA — GIAC Cloud Security Automation
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's cloud security automation certification targeting practitioners who build secure cloud-native infrastructure and CI/CD pipelines. Covers IaC security, container and Kubernetes security, DevSecOps practices, and cl…
Cloud+ — CompTIA Cloud+
CompTIA · intermediate · 25% practical · $358 — official
CompTIA's vendor-neutral cloud security certification covering cloud architecture, deployment models, security controls, and governance. DoD 8140 approved which is its primary competitive advantage. Less technical depth …
ZTCA — Zscaler Zero Trust Cyber Associate
Zscaler · beginner · 0% practical · $0 — official
Zscaler's entry-level certification covering Zero Trust and SASE concepts with a focus on the Zscaler platform. Currently free to attempt, making it an accessible starting point for practitioners entering the Zscaler eco…
ZDTA — Zscaler for Users Administrator
Zscaler · intermediate · 25% practical · $250 — official
Zscaler's administrator-level certification for managing Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) — the core Zscaler SASE products. Covers policy management, SSL inspection, and access controls. Req…
ZDTE — Zscaler for Users Engineer
Zscaler · expert · 25% practical · $350 — official
Zscaler's advanced engineering certification covering complex Zscaler architecture design, advanced configuration, troubleshooting, and API integration. Targets engineers designing and building Zscaler deployments rather…
PANW Cloud Security Professional — Palo Alto Networks Certified Cloud Security Professional
Palo Alto Networks · intermediate · 0% practical · $200 — official
Palo Alto Networks' cloud security certification covering Prisma Cloud — their CNAPP (Cloud Native Application Protection Platform) covering CSPM, CWPP, and code security. Part of the new role-based framework replacing t…
OCI Security Professional — Oracle Cloud Infrastructure 2025 Certified Security Professional
Oracle · expert · 0% practical · $245 — official
Oracle's cloud security certification covering IAM, network security, data protection, and security services within Oracle Cloud Infrastructure. Updated annually — the 2025 version reflects current OCI services and secur…
GCTD — GIAC Cloud Threat Detection
GIAC · intermediate · 25% practical · $999 — official
GIAC's cloud-native threat detection certification covering detection engineering and threat hunting in cloud environments. Validates the ability to detect adversarial activity across major cloud platforms through log an…
MCRTA — CyberWarFare Labs Certified Multi-Cloud Red Team Analyst
CyberWarFare Labs · beginner · 70% practical · $49 — official
Flag-based practical across AWS/Azure/GCP ($49). Multi-cloud red team fundamentals — enumeration and initial exploitation across all three major platforms. Entry point before CARTS/AzRTS/CGRTS specializations.
AzRTS — CyberWarFare Labs Certified Azure Red Team Specialist
CyberWarFare Labs · intermediate · 70% practical · $149 — official
Flag-based, 15+ flags ($149). Azure and Entra ID red team — service principal abuse, managed identity exploitation, conditional access bypass, Azure AD Connect attacks. Focused Azure specialization at low cost.
CARTS — CyberWarFare Labs Certified AWS Cloud Red Team Specialist
CyberWarFare Labs · intermediate · 100% practical · $599 — official
12+12 hr practical + report ($599). Advanced AWS red team — IAM role chaining, Lambda abuse, S3 bucket exploitation, cross-account privilege escalation, AWS-specific C2 infrastructure. CWL's premium AWS credential.
CGRTS — CyberWarFare Labs Certified Google Cloud Red Team Specialist
CyberWarFare Labs · intermediate · 100% practical · $599 — official
Practical, 2 attempts ($599). GCP red team — service account abuse, IAM escalation, Google Workspace integration attacks, Cloud Run exploitation, metadata server attacks. Pairs with CARTS for full multi-cloud coverage.
CHMRTS — CyberWarFare Labs Certified Hybrid Multi-Cloud Red Team Specialist
CyberWarFare Labs · expert · 100% practical · $699 — official
24-hr practical + report, 30-day window ($699). CWL's top cloud credential. Hybrid multi-cloud red team — pivot between AWS, Azure, and GCP environments, abuse cross-cloud trust relationships, exfiltration across cloud b…
DO-RTA — CyberWarFare Labs Certified DevOps Red Team Analyst
CyberWarFare Labs · intermediate · 70% practical · $449 — official
Practical, 2 attempts ($449). DevOps and pipeline security — CI/CD pipeline attacks, container escapes, Kubernetes exploitation, secrets management abuse, supply chain attack vectors. Growing demand as DevOps adoption ac…
K8s-RTA — CyberWarFare Labs Certified Kubernetes Red Team Analyst
CyberWarFare Labs · intermediate · 70% practical · $99 — official
Practical, unlimited attempts ($99). Kubernetes offensive operations — pod escape, RBAC misconfiguration abuse, secret extraction, lateral movement between namespaces, node compromise. Budget Kubernetes security credenti…
OAOTC — White Knight Labs Offensive Azure Operations and Tactics Certification
White Knight Labs · intermediate · 100% practical · $700 — official
WKL's Azure red team certification. 48-hr practical + 48-hr report in a live Azure lab. Azure + Entra ID offensive operations — identity abuse, Pass-the-PRT, conditional access bypass, Azure lateral movement, hybrid iden…
OGOTC — White Knight Labs Offensive GCP Operations and Tactics Certification
White Knight Labs · intermediate · 100% practical · $700 — official
WKL's GCP red team certification. $700 on-demand, $2,500 at DEF CON 2026. Lifetime access with performance-based practical + report. GCP attack lifecycle — IAM/service-account escalation, metadata server abuse, BigQuery/…
CCSE — Practical DevSecOps Certified Container Security Expert
Practical DevSecOps · intermediate · 100% practical · $599 — official
Practical DevSecOps's container security certification. 5 task-based challenges in a 6-hour browser-based lab followed by a 24-hour written report (80% pass). Covers hardening container images, attacking and exploiting c…
CCNSE — Practical DevSecOps Certified Cloud-Native Security Expert
Practical DevSecOps · expert · 100% practical · $999 — official
Practical DevSecOps's Kubernetes and cloud-native security certification. 5 task-based challenges, 6-hour practical lab + 24-hour report, 80% pass. Covers attacking and defending Kubernetes clusters, RBAC, admission cont…
CKS — Certified Kubernetes Security Specialist
Cloud Native Computing Foundation (CNCF) / Linux Foundation · expert · 100% practical · $445 — official
The de facto industry standard for Kubernetes security — the only widely recognized vendor-neutral hands-on Kubernetes security credential outside of PDSO's CCNSE. 2-hour performance-based CLI exam in real Kubernetes clu…
KCSA — Kubernetes and Cloud Native Security Associate
Cloud Native Computing Foundation (CNCF) / Linux Foundation · beginner · 0% practical · $250 — official
CNCF's entry-level Kubernetes and cloud-native security credential. ~90-minute MCQ exam (~60 questions), no prerequisites, free retake included, $250. Covers the 4Cs of cloud-native security (Cloud/Cluster/Container/Code…
CCSP-AWS — SecOps Group Certified Cloud Security Practitioner AWS
The SecOps Group · beginner · 0% practical · $32 — official
Essentials-tier (60-min MCQ, £25). AWS cloud security fundamentals — IAM, KMS, VPC security groups, CloudWatch/CloudTrail, EKS/ECS basics. MCQ only. Entry-level cloud security baseline at minimal cost.
AZ-500 — Microsoft Certified: Azure Security Engineer Associate
Microsoft · intermediate · 25% practical · $165 — official
Microsoft's Azure security engineering certification with approximately 25-30% IAM content — covering Azure RBAC, PIM, conditional access, managed identities, and B2C. Listed here as a cross-domain entry since IAM is a c…
CCPenX-AWS — SecOps Group Certified Cloud Pentesting eXpert AWS
The SecOps Group · expert · 100% practical · $510 — official
eXpert-tier (~7-hr practical, £400). AWS cloud pentesting — Lambda function abuse, IAM privilege escalation, cross-account role chaining, S3 bucket exploitation. Practical AWS lab environment. Budget alternative to ARTE …
CCPenX-Azure — SecOps Group Certified Cloud Pentesting eXpert Azure
The SecOps Group · expert · 100% practical · $510 — official
eXpert-tier (~7-hr practical, £400). Azure cloud pentesting — Entra ID token abuse, storage exploitation, App Registration abuse, Azure AD Connect attacks. Live Azure lab environment.
SC-100 — Microsoft Certified: Cybersecurity Architect Expert
Microsoft · expert · 0% practical · $165 — official
Microsoft's expert-level cybersecurity architect certification covering Zero Trust design, security operations strategies, and security architecture across the Microsoft cloud and hybrid ecosystem. Requires a prerequisit…
GDSA — GIAC Defensible Security Architecture
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's certification for designing defensible security architectures covering Zero Trust implementation, network segmentation, detection architecture, and threat-informed defensive design. DoD 8140 approved. Bridges the …
GCAD — GIAC Cloud Security Architecture and Design
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's cloud security architecture certification covering the design and architectural aspects of securing cloud environments — threat modeling, network architecture, identity design, and data protection at a strategic l…
CCZT — Certificate of Competence in Zero Trust
Cloud Security Alliance (CSA) · intermediate · 0% practical · $395 — official
The only vendor-neutral certification dedicated specifically to Zero Trust architecture and implementation. Based on the CSA's Zero Trust Advancement Center framework. Not DoD 8140 approved but increasingly relevant as Z…

Application Security (17 certs)

Web application penetration testing, secure software development lifecycle, DevSecOps, API security, and software supply chain security.

GWEB — GIAC Web Application Penetration Tester
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
GIAC's web application penetration testing certification and the DoD 8140 approved option in the web app security space. Covers the full web application testing methodology including authentication, injection, XSS, CSRF,…
CSSLP — Certified Secure Software Lifecycle Professional
ISC2 · expert · 0% practical · $599 — official
ISC2's software security certification covering the full secure software development lifecycle — from security requirements through secure design, coding, testing, deployment, and operations. DoD 8140 approved and the pr…
CASE Java — Certified Application Security Engineer – Java
EC-Council · intermediate · 25% practical · $450 — official
EC-Council's application security certification for Java developers covering secure coding practices, vulnerability mitigation, and security controls implementation in Java applications. Language-specific focus makes it …
CASE .NET — Certified Application Security Engineer – .NET
EC-Council · intermediate · 25% practical · $450 — official
EC-Council's application security certification for .NET developers — the Microsoft stack equivalent of CASE Java. Covers secure coding in C# and .NET, vulnerability mitigation, and security control implementation. Not D…
GHAS — GitHub Advanced Security
GitHub (Microsoft) · intermediate · 25% practical · $99 — official
GitHub's proctored certification (exam GH-500) covering the full GitHub Advanced Security feature set — CodeQL, secret scanning, Dependabot, dependency review, and SBOM generation. Delivered via Pearson VUE with genuine …
CAP — SecOps Group Certified AppSec Practitioner
The SecOps Group · beginner · 0% practical · $32 — official
Essentials-tier (60-min MCQ, £25). Entry-level OWASP Top 10 and web application security fundamentals. Pass ≥60%. The cheapest way to get a named web-app security credential — useful as a portfolio item for those startin…
CAPen — SecOps Group Certified AppSec Pentester
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical CTF, £250). Hands-on web application pentesting exam covering OWASP Top 10 in a live lab. Listed in Synack Red Team's preferred pathway alongside CNPen — one of SecOps Group's most indu…
CAPenX — SecOps Group Certified AppSec Pentesting eXpert
The SecOps Group · expert · 100% practical · $510 — official
eXpert-tier (~7-hr practical CTF, £400). Advanced web app security — XSS chains, race conditions, JWT forging, XXE, deserialization. The hardest SecOps Group web credential. Upgrade path from CAPen.
C-APIPen — SecOps Group Certified API Pentester
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250). Hands-on API security testing covering OWASP API Top 10, BOLA/BFLA, auth flaws, GraphQL injection. Practical lab environment. Affordable alternative to Portswigger Web Security …
CDAPen — SecOps Group Certified Desktop Application Pentester
The SecOps Group · intermediate · 70% practical · $320 — official
Professional-tier (~4-hr practical, £250). Thick-client and desktop application security testing on Windows and Linux. Covers DLL hijacking, insecure storage, traffic interception of desktop apps. Rare credential in a ni…
Web-RTA — CyberWarFare Labs Certified Web Red Team Analyst
CyberWarFare Labs · beginner · 70% practical · $49 — official
Practical challenges, unlimited attempts ($49). Entry-level web application security testing — OWASP Top 10, SQL injection, XSS, broken auth. Affordable entry point into web pentesting practical credentials.
API-RTA — CyberWarFare Labs Certified API Red Team Analyst
CyberWarFare Labs · beginner · 70% practical · $49 — official
Practical, unlimited attempts ($49). API security testing fundamentals — OWASP API Top 10, BOLA, broken function-level auth, mass assignment, rate limiting bypass.
ASCPC — White Knight Labs Attacking and Securing CI/CD Pipeline Certification
White Knight Labs · intermediate · 100% practical · $600 — official
WKL's CI/CD security certification. ~$500-700 on-demand, $2,000 live. Hands-on labs deployed in Azure via portal (no VPN required). Covers GitHub Actions, CircleCI, Docker, Kubernetes, Azure DevOps, and AWS CodeBuild fro…
CASP — Practical DevSecOps Certified API Security Professional
Practical DevSecOps · intermediate · 100% practical · $899 — official
Practical DevSecOps's API security certification. 5 task-based challenges, 6-hour lab + 24-hour report, 80% pass. Covers OWASP API Top 10, broken object-level and function-level authorization, OAuth 2.0/JWT exploitation,…
CSC — Practical DevSecOps Certified Security Champion
Practical DevSecOps · beginner · 100% practical · $599 — official
Practical DevSecOps's entry-level developer security credential aimed at security champions — developers who take on a security advocate role within engineering teams. 5 task-based challenges, 6-hour lab + 24-hour report…
CISE — 8kSec Certified iOS Security Engineer
8kSec · intermediate · 100% practical · $119 — official
8kSec's iOS-specific application security engineering credential. Hands-on practical exam in a Corellium iOS lab with written report graded by 8kSec panel within 3 business days. Bundled with the iOS security course; ret…
CASE — 8kSec Certified Android Security Engineer
8kSec · intermediate · 100% practical · $119 — official
8kSec's Android-specific application security engineering credential. Hands-on practical exam in a Corellium Android lab with written report. Bundled with the Android security course; retake $119. Covers Android platform…

Threat Intelligence (12 certs)

Cyber threat intelligence analysis, threat actor profiling, TTP analysis, IOC management, and intelligence platform operations.

CD-CTIA — CyberDefenders Certified Threat Intelligence Analyst
CyberDefenders · beginner · 70% practical · $299 — official
CyberDefenders' threat intelligence certification using their practical lab-based exam format. Covers CTI fundamentals including IOC collection, threat intelligence platforms, OSINT, and intelligence sharing frameworks. …
MISP Analyst — MISP Threat Intelligence Analyst Certification
CIRCL / MISP Project · beginner · 50% practical · $0 — official
CIRCL's certification for MISP — the most widely deployed open-source threat intelligence sharing platform globally. Free to obtain via the MISP Project's training and assessment program. Covers MISP event management, IO…
RF Certified — Recorded Future Certified Intelligence Analyst
Recorded Future · intermediate · 25% practical · $0 — official
Recorded Future's analyst certification for their threat intelligence platform — one of the most widely deployed commercial CTI platforms in enterprise and government. Free for Recorded Future customers. Covers platform …
Anomali Certified — Anomali Certified Threat Intelligence Analyst
Anomali · intermediate · 25% practical · $0 — official
Anomali's certification for their ThreatStream threat intelligence platform. Free for Anomali customers. Covers ThreatStream navigation, IOC management, intelligence feed integration, and actor tracking. Vendor platform …
OPSWAT CTI — OPSWAT Certified Threat Intelligence Analyst
OPSWAT Academy · beginner · 25% practical · $0 — official
OPSWAT Academy's free threat intelligence fundamentals certification covering CTI basics including IOC types, feed consumption, and the intelligence lifecycle at an introductory level. Not DoD 8140 approved and limited h…
CREST CIP — CREST Certified Intelligence Professional
CREST · expert · 50% practical · $1500 — official
CREST's advanced threat intelligence certification for senior CTI practitioners covering strategic intelligence analysis, attribution, collection management, and intelligence product development for senior stakeholders. …
GSOA — GIAC Strategic OSINT Analyst
GIAC · intermediate · 25% practical · $999 — official
GIAC's newest threat intelligence and OSINT certification, with the current exam version released November 8, 2025. GSOA validates the ability to automate investigations with Python, analyze data at scale, and uncover th…
OSIP — IntelTechniques OSINT Investigator Professional
IntelTechniques · intermediate · 100% practical · $300 — official
Michael Bazzell's (IntelTechniques) formal OSINT certification, developed and proctored by Jason Edison. One of the few OSINT credentials using live 1-on-1 proctoring with a scenario-based investigation format rather tha…
GOSI — GIAC Open Source Intelligence
GIAC / SANS Institute · intermediate · 25% practical · $979 — official
GIAC's OSINT certification associated with SANS SEC497. Covers OSINT methodology, social media intelligence, geolocation, dark web research, and OSINT tool usage. Open-book MCQ exam — build indexed notes by OSINT categor…
MCTIA — Mandiant Cyber Threat Intelligence Analysis
Mandiant Academy (Google Cloud) · intermediate · 0% practical · $250 — official
Mandiant Academy's (Google Cloud) standalone CTI analyst certification — a genuine, separately proctored exam, not a course-completion badge. Up to 50 MCQ delivered via Kryterion online live proctoring, 60-minute window,…
FTIA — arcX Foundation Level Threat Intelligence Analyst
arcX · beginner · 0% practical · $0 — official
arcX's free entry-level CTI credential, awarded on passing the final exam embedded in the free 'Cyber Threat Intelligence 101' course (~2.5 hours, 11 modules). Covers CTI definitions, the intelligence lifecycle, threat a…
PTIA — arcX Practitioner Threat Intelligence Analyst
arcX · intermediate · 25% practical · $380 — official
arcX's practitioner-level CTI credential, awarded on passing the final exam of the ~17-hour 'Cyber Threat Intelligence Practitioner' course (~£300/~$380). Course content is validated by CREST to cover the full CREST Prac…

Vulnerability Management (15 certs)

Vulnerability scanning, risk-based prioritization, remediation tracking, and enterprise vulnerability management program design.

Tenable VM Specialist — Tenable Vulnerability Management Specialist
Tenable · intermediate · 50% practical · $540 — official
Tenable's flagship VM platform certification requiring both a written exam (80% pass) and a practical task-based exam (80% pass) delivered via ProctorU. Covers the full Tenable Vulnerability Management (Tenable.io) platf…
Tenable VM Expert — Tenable Vulnerability Management Expert
Tenable · expert · 50% practical · $0 — official
Tenable's expert-level VM certification covering advanced platform configuration, enterprise program design, API integration, and multi-cloud vulnerability management. Requires the Specialist as a prerequisite. Pricing i…
Tenable SC Specialist — Tenable Security Center Specialist
Tenable · intermediate · 50% practical · $540 — official
Tenable's certification for Security Center — their on-premises VM platform used heavily in air-gapped, government, and regulated environments where cloud-based Tenable.io is not viable. Written plus practical exam, both…
Tenable SC Expert — Tenable Security Center Expert
Tenable · expert · 50% practical · $0 — official
Tenable's expert-level Security Center certification covering advanced administration, enterprise architecture design, and API integration for the on-premises Security Center platform. Pricing not publicly listed — conta…
Tenable OT Specialist — Tenable OT Security Specialist
Tenable · intermediate · 50% practical · $540 — official
Tenable's OT Security certification for their industrial cybersecurity platform covering OT asset discovery, vulnerability management, and risk assessment in industrial environments. Written plus practical exam, ProctorU…
Qualys VMDR — Qualys Certified Specialist – VMDR with TruRisk
Qualys · intermediate · 0% practical · $0 — official
Qualys's flagship vulnerability management certification covering the full VMDR (Vulnerability Management Detection and Response) with TruRisk platform. Free, unproctored, open-book, 75% passing score with 5 attempts. No…
Qualys CSAM — Qualys Certified Specialist – CyberSecurity Asset Management
Qualys · intermediate · 0% practical · $0 — official
Qualys's asset management certification covering CyberSecurity Asset Management — their CAASM platform for complete asset inventory, software tracking, and attack surface visibility. Free, unproctored, 75% passing. Cover…
Qualys TruRisk Eliminate — Qualys Certified Specialist – TruRisk Eliminate
Qualys · intermediate · 0% practical · $0 — official
Qualys's remediation-focused certification — the successor to the former Patch Management cert, expanded to cover TruRisk Eliminate which integrates patching, mitigation, and isolation as a unified remediation framework.…
Qualys TotalAppSec — Qualys Certified Specialist – TotalAppSec
Qualys · intermediate · 0% practical · $0 — official
Qualys's web and API security scanning certification — the 2025 successor to the retired WAS (Web Application Scanning) cert, expanded to cover the full TotalAppSec platform including DAST and API security scanning. Free…
Qualys PCI — Qualys Certified Specialist – PCI Compliance
Qualys · intermediate · 0% practical · $0 — official
Qualys's PCI DSS compliance scanning certification covering the configuration and execution of PCI-required vulnerability scans — both external ASV scanning and internal scanning per PCI DSS requirements. Free, unproctor…
Qualys Policy Audit — Qualys Certified Specialist – Policy Audit
Qualys · intermediate · 0% practical · $0 — official
Qualys's configuration compliance certification — renamed from Policy Compliance to Policy Audit in 2024-2025. Covers CIS Benchmark-based compliance scanning, policy management, and remediation planning for configuration…
Qualys ETM — Qualys Certified Specialist – Enterprise TruRisk Management
Qualys · expert · 0% practical · $0 — official
Qualys's enterprise risk management certification covering their Risk Operations Center (ROC) concept and Enterprise TruRisk Management platform — the strategic layer above individual product modules. Covers cross-asset-…
InsightVM Admin — InsightVM Certified Administrator
Rapid7 · intermediate · 25% practical · $215 — official
Rapid7's certification for InsightVM — their vulnerability management platform. Online exam, open-book, unproctored, 80% passing score, 2-hour window. Not DoD 8140 approved. Rapid7 has significant enterprise market share…
Qualys Cloud Agent — Qualys Certified Specialist – Cloud Agent
Qualys · beginner · 0% practical · $0 — official
Qualys's certification for their Cloud Agent technology — the lightweight agent deployed on endpoints for continuous, credential-less vulnerability assessment. Free, unproctored. Covers agent deployment, configuration, a…
Qualys TotalCloud — Qualys Certified Specialist – TotalCloud
Qualys · intermediate · 0% practical · $0 — official
Qualys's cloud security posture management certification covering TotalCloud — their CNAPP platform for cloud infrastructure vulnerability management and compliance. Free, unproctored. Covers cloud asset inventory, CSPM …

Network Security (23 certs)

Network security engineering, firewall administration, IDS/IPS, VPNs, and network security architecture across major vendors.

CNSP — SecOps Group Certified Network Security Practitioner
The SecOps Group · beginner · 0% practical · $32 — official
Essentials-tier (60-min MCQ, £25). Broad network and security fundamentals — TCP/IP, Nmap usage, Wireshark basics, AD concepts, Linux/Windows security, and OSINT introduction. The entry point into the SecOps Group ladder…
Network+ — CompTIA Network+
CompTIA · beginner · 25% practical · $358 — official
CompTIA's networking foundation certification and the most recognized entry-level networking credential globally. Covers TCP/IP, network infrastructure, troubleshooting, and basic network security. DoD 8140 approved and …
CCNA — Cisco Certified Network Associate
Cisco · beginner · 25% practical · $330 — official
Cisco's foundational networking certification and one of the most recognized IT credentials in the world. Covers routing, switching, network access, security fundamentals, and basic automation in Cisco environments. DoD …
CCNP Security — Cisco Certified Network Professional Security
Cisco · expert · 25% practical · $400 — official
Cisco's professional-level network security certification requiring one core exam plus one concentration exam from a portfolio covering firewalls, VPNs, identity services, and secure access. DoD 8140 approved and expecte…
CCIE Security — Cisco Certified Internetwork Expert Security
Cisco · elite · 50% practical · $1600 — official
The highest Cisco certification and one of the most prestigious credentials in networking — the CCIE Security requires passing a written qualifying exam followed by an 8-hour hands-on lab exam in a Cisco testing facility…
JNCIA-SEC — Juniper Networks Certified Associate – Security
Juniper Networks (HPE) · beginner · 0% practical · $200 — official
Juniper's entry-level security certification covering SRX firewall basics, security zones, and fundamental VPN configuration in Junos OS. Not DoD 8140 approved. Juniper has significant presence in service provider, finan…
JNCIS-SEC — Juniper Networks Certified Specialist – Security
Juniper Networks (HPE) · intermediate · 0% practical · $300 — official
Juniper's specialist-level security certification covering advanced SRX configuration, IPsec VPN, NAT, IDS/IPS, UTM, and high availability. Not DoD 8140 approved. The intermediate tier on the Juniper security certificati…
JNCIP-SEC — Juniper Networks Certified Professional – Security
Juniper Networks (HPE) · expert · 0% practical · $400 — official
Juniper's professional-level security certification covering complex SRX architecture, advanced VPN design, routing security integration, and chassis cluster design. Not DoD 8140 approved. The third tier on the Juniper s…
JNCIE-SEC — Juniper Networks Certified Expert – Security
Juniper Networks (HPE) · elite · 100% practical · $1200 — official
Juniper's expert-level certification and the highest Juniper security credential — an 8-hour hands-on lab exam testing expert-level design, implementation, and troubleshooting of complex Juniper security infrastructures.…
FCP – Secure Networking — Fortinet Certified Professional – Secure Networking
Fortinet · intermediate · 25% practical · $200 — official
Fortinet's professional-level network security certification introduced as part of the October 2025 program restructure — replacing the NSE 4/5 level within the new FCA → FCP → FCSS → FCX hierarchy. Covers FortiGate admi…
FCSS – Secure Networking — Fortinet Certified Solution Specialist – Secure Networking
Fortinet · expert · 25% practical · $300 — official
Fortinet's specialist-level network security certification covering advanced FortiGate configuration, enterprise firewall design, and SD-WAN implementation. Part of the post-October 2025 certification hierarchy above FCP…
FCX — Fortinet Certified Expert
Fortinet · elite · 50% practical · $800 — official
Fortinet's highest-tier expert certification — the successor to NSE 8 in the 2025 restructure. Includes a significant hands-on practical component alongside the written exam, testing expert-level design and troubleshooti…
CCSM — Check Point Certified Security Master
Check Point · expert · 25% practical · $500 — official
Check Point's master-level certification covering complex multi-domain deployments, advanced high availability design, automation, and enterprise-scale Check Point architecture. Not DoD 8140 approved. The highest practit…
PANW NSP — Palo Alto Networks Certified Network Security Professional
Palo Alto Networks · intermediate · 0% practical · $200 — official
Palo Alto Networks' professional-level network security certification covering PAN-OS administration, security policy design, App-ID, User-ID, and WildFire integration. Part of the new role-based framework launched in 20…
PANW NGFW Engineer — Palo Alto Networks Certified NGFW Engineer
Palo Alto Networks · expert · 25% practical · $250 — official
Palo Alto Networks' specialist-level NGFW engineering certification covering advanced PAN-OS configuration, architecture design, high availability, and Cortex integration. Part of the post-2025 role-based framework. In-p…
PANW NSA — Palo Alto Networks Certified Network Security Analyst
Palo Alto Networks · intermediate · 0% practical · $200 — official
Palo Alto Networks' analyst-level certification focused on monitoring, log analysis, and incident investigation using Palo Alto firewalls — the blue team counterpart to the NSP engineering cert. Part of the 2025 role-bas…
PANW NSA Architect — Palo Alto Networks Certified Network Security Architect
Palo Alto Networks · elite · 25% practical · $300 — official
Palo Alto Networks' architect-level certification — the highest in the Network Security track — covering enterprise network security architecture, Zero Trust network design, and multi-site Palo Alto deployments including…
FCSS – SASE — Fortinet Certified Solution Specialist – SASE
Fortinet · expert · 25% practical · $300 — official
Fortinet's SASE specialist certification covering Fortinet's SASE platform including Zero Trust Network Access (ZTNA), Secure SD-WAN, and cloud-delivered security services. Part of the post-October 2025 certification res…
F5 CTS-LTM — F5 Certified Technology Specialist – Local Traffic Manager
F5 · expert · 25% practical · $250 — official
F5's Local Traffic Manager certification covering BIG-IP LTM administration, load balancing, SSL offloading, and iRules development. Not DoD 8140 approved. F5 BIG-IP has significant deployment in large enterprise, financ…
F5 CTS-ASM — F5 Certified Technology Specialist – Application Security Manager
F5 · expert · 25% practical · $250 — official
F5's Application Security Manager certification covering BIG-IP ASM WAF configuration, policy management, DDoS protection, and bot mitigation. Not DoD 8140 approved. F5 ASM is one of the most widely deployed WAF platform…
CWSP — Certified Wireless Security Professional
CWNP · intermediate · 25% practical · $350 — official
CWNP's enterprise wireless security certification covering WLAN security policy, wireless intrusion prevention systems, 802.1X/EAP frameworks, WPA3, and rogue device detection. Sits above CWNA in the CWNP stack and valid…
CWNE — CWNP Certified Wireless Network Expert
CWNP · elite · 25% practical · $500 — official
CWNP's elite wireless networking credential and the final step in the CWNP Wi-Fi Program. Unlike most certifications, CWNE has no exam — it is earned through a rigorous application process requiring: valid and current CW…
WCNA — Worldwide Certified Network Analyst
Chappell University / Protocol Analysis Institute · intermediate · 0% practical · $299 — official
The de facto Wireshark certification, owned and administered by Chappell University / Protocol Analysis Institute (Laura Chappell's organization) — not the official Wireshark Foundation. The WCNA validates packet-level a…

Security Architecture & Engineering (9 certs)

Enterprise security architecture, security engineering, Zero Trust design, cryptography, and security program leadership.

ISSAP — Information Systems Security Architecture Professional
ISC2 · expert · 0% practical · $599 — official
ISC2's CISSP concentration for security architects — requires active CISSP certification as a prerequisite. Covers security architecture frameworks, IAM architecture design, cryptography and PKI architecture, requirement…
ISSEP — Information Systems Security Engineering Professional
ISC2 · expert · 0% practical · $599 — official
ISC2's CISSP concentration for security engineers — requires active CISSP. Covers systems security engineering, certification and accreditation processes, technical management, and US government information assurance pol…
SCF — SABSA Chartered Foundation
The SABSA Institute · intermediate · 25% practical · $1500 — official
The foundation level of the SABSA (Sherwood Applied Business Security Architecture) certification — one of the most rigorous and respected security architecture frameworks globally. SABSA provides a comprehensive busines…
SCP — SABSA Chartered Practitioner
The SABSA Institute · expert · 50% practical · $2500 — official
The practitioner tier of SABSA certification covering the logical, physical, component, and operational architecture layers — moving from framework knowledge into applied methodology. Significant practical component incl…
SCM — SABSA Chartered Master
The SABSA Institute · elite · 70% practical · $4000 — official
The highest SABSA certification — held by a very small number of senior security architects globally. Requires SCF and SCP plus extensive documented architecture experience and a comprehensive master's-level assignment. …
SecurityX — CompTIA SecurityX
CompTIA · expert · 25% practical · $509 — official
CompTIA's advanced security practitioner certification — rebranded from CASP+ to SecurityX in 2024. Covers enterprise security architecture, advanced threat management, IAM architecture, cryptography, governance, and clo…
Open FAIR — Open FAIR 2 Certification
The Open Group · intermediate · 0% practical · $320 — official
The Open Group's FAIR (Factor Analysis of Information Risk) certification covering quantitative cyber risk analysis — the methodology for expressing cybersecurity risk in financial terms that business leaders understand.…
TOGAF IRS — TOGAF Integrating Risk and Security Credential
The Open Group · intermediate · 0% practical · $495 — official
The Open Group's credential for integrating security and risk into TOGAF-based enterprise architecture work. Covers how to embed security requirements, risk management, and security architecture into the TOGAF Architectu…
CTMP — Practical DevSecOps Certified Threat Modeling Professional
Practical DevSecOps · intermediate · 100% practical · $899 — official
Practical DevSecOps's threat modeling certification. 5 task-based challenges, 6-hour lab + 24-hour report, 80% pass. Covers STRIDE, PASTA, DREAD, MITRE ATT&CK integration, Agile threat modeling, Privacy threat modeling, …

Identity & Access Management (24 certs)

Identity governance, privileged access management, authentication and MFA, federation, SSO, and identity platform administration.

CIDPRO — Certified Identity Professional
IDPro · intermediate · 25% practical · $595 — official
The only vendor-neutral IAM practitioner certification from IDPro — the professional body specifically for identity practitioners. Covers the breadth of IAM including identity lifecycle, access management, authentication…
SC-300 — Microsoft Certified: Identity and Access Administrator Associate
Microsoft · intermediate · 25% practical · $165 — official
Microsoft's IAM certification covering the full Microsoft Entra ID (formerly Azure AD) platform — identity lifecycle, conditional access, PIM, external identities, and application access management. Given Microsoft's dom…
OCP — Okta Certified Professional
Okta · beginner · 0% practical · $150 — official
Okta's entry-level certification covering basic Okta platform administration, user provisioning, SSO configuration, and MFA setup. All Okta exams now test Okta Identity Engine (OIE) exclusively — Classic Engine exam cont…
OCA — Okta Certified Administrator
Okta · intermediate · 0% practical · $150 — official
Okta's administrator-level certification covering advanced administration, lifecycle management, advanced SSO, group policy, and basic Workflows. The most commonly required Okta cert in job postings for Okta administrato…
OCC — Okta Certified Consultant
Okta · expert · 25% practical · $150 — official
Okta's certification for implementation consultants covering Okta deployment design, customer requirements analysis, migration planning, and advanced integration patterns. Targeted at partners and professional services s…
OCD — Okta Certified Developer
Okta · intermediate · 25% practical · $150 — official
Okta's developer certification covering API integration, OIDC/OAuth2 implementation, SDK usage, and custom application integration with Okta. Targeted at developers building applications that use Okta for authentication …
OCTA — Okta Certified Technical Architect
Okta · elite · 50% practical · $5000 — official
Okta's highest certification — a $5,000 board-defense style assessment where candidates present and defend a complex Okta architecture design before a panel of Okta technical experts. Unlike other Okta certs which are MC…
OCAG — Okta Certified Access Gateway Specialty
Okta · intermediate · 0% practical · $150 — official
Okta's specialty certification for Access Gateway — the on-premises component that extends Okta SSO to legacy applications that can't natively support SAML or OIDC. Niche cert relevant specifically in hybrid environments…
OCW — Okta Certified Workflows Specialty
Okta · intermediate · 25% practical · $150 — official
Okta's Workflows specialty certification covering no-code/low-code identity automation using the Okta Workflows platform. Covers flow design, connector usage, and automating identity lifecycle events. Not DoD 8140 approv…
CCT — CyberArk Certified Trustee
CyberArk · beginner · 0% practical · $0 — official
CyberArk's entry-level awareness certification covering fundamental PAM concepts and basic CyberArk platform awareness. Free. Not DoD 8140 approved. The starting point on the CyberArk certification path — primarily usefu…
CCD-PAM — CyberArk Certified Defender – PAM
CyberArk · intermediate · 25% practical · $300 — official
CyberArk's core PAM administration certification covering Vault administration, Privileged Session Manager, safe management, and account onboarding in the CyberArk Privileged Access Manager platform. Pearson VUE proctore…
CCS-PAM — CyberArk Certified Sentry – PAM
CyberArk · expert · 25% practical · $400 — official
CyberArk's advanced PAM certification covering high availability, disaster recovery, advanced PSM configuration, API integration, and complex automation. Pearson VUE proctored. Not DoD 8140 approved. The expert tier of t…
CCG — CyberArk Certified Guardian
CyberArk · elite · 25% practical · $600 — official
CyberArk's highest practitioner certification covering mastery of the full CyberArk platform — multi-product integration, enterprise PAM program design, and advanced troubleshooting at the architectural level. Pearson VU…
CCD-EPM — CyberArk Certified Defender – Endpoint Privilege Manager
CyberArk · intermediate · 25% practical · $300 — official
CyberArk's certification for the Endpoint Privilege Manager product — covering least privilege enforcement, application control, and EPM policy management on endpoints. Separate from the core PAM Defender cert and focuse…
CCD-Identity — CyberArk Certified Defender – Identity
CyberArk · intermediate · 25% practical · $300 — official
CyberArk's certification for their Identity platform — covering MFA, SSO, adaptive authentication, and user lifecycle management through the CyberArk Identity product (formerly Idaptive). Separate track from the core PAM…
SC-IIQ Associate — SailPoint Certified IdentityIQ Associate
SailPoint · beginner · 25% practical · $300 — official
SailPoint's entry-level IdentityIQ certification covering fundamentals of the on-premises IGA platform. Pearson VUE proctored (SailPoint uses Proctor360), DOMC format, 2-year validity. Customer and partner access only — …
SC-IIQ Engineer — SailPoint Certified IdentityIQ Engineer
SailPoint · expert · 25% practical · $400 — official
SailPoint's advanced IdentityIQ engineering certification covering connector configuration, custom rule development, workflow design, and BeanShell scripting for platform customization. DOMC format, Proctor360 proctored,…
SC-ISE — SailPoint Certified Identity Security Engineer
SailPoint · expert · 25% practical · $400 — official
SailPoint's cloud IGA engineering certification for the Identity Security Cloud platform (formerly IdentityNow). DOMC format, Proctor360 proctored, 2-year validity, credit-based recertification eligible. Customer and par…
SC-ISA — SailPoint Certified Identity Security Administrator
SailPoint · intermediate · 25% practical · $400 — official
SailPoint's newest certification — launched February 17, 2026 — targeting administrators of the Identity Security Cloud platform. Covers platform configuration, virtual appliance management, identity lifecycle administra…
HCV-A — HashiCorp Certified: Vault Associate
HashiCorp (IBM) · intermediate · 25% practical · $70 — official
HashiCorp's foundational Vault certification covering secrets management, dynamic secrets, authentication methods, and encryption as a service. Pearson VUE proctored. Not DoD 8140 approved. HashiCorp Vault is the dominan…
HCV-Pro — HashiCorp Certified: Vault Operations Professional
HashiCorp (IBM) · expert · 50% practical · $295 — official
HashiCorp's professional Vault certification covering advanced operations including clustering, replication, Vault Agent, performance tuning, and disaster recovery. Contains a practical lab component alongside the writte…
CP-PF — Certified Professional – PingFederate
Ping Identity · intermediate · 25% practical · $0 — official
Ping Identity's professional-level PingFederate certification covering SAML federation, OAuth/OIDC implementation, adapter configuration, and token translation. Currently suspended — Pearson VUE ceased delivering all Pin…
CP-PAM — Certified Professional – PingAM
Ping Identity · intermediate · 25% practical · $0 — official
Ping Identity's professional-level PingAM certification (formerly ForgeRock Access Management) covering authentication trees, journeys, OAuth/OIDC, SAML, and policy management. Currently suspended — same Pearson VUE depa…
CP-IDM — Certified Professional – PingIDM
Ping Identity · intermediate · 25% practical · $0 — official
Ping Identity's professional-level PingIDM certification (formerly ForgeRock Identity Management) covering identity synchronization, provisioning, connector configuration, and workflow design. Currently suspended since M…

OT / ICS / IoT Security (14 certs)

Operational technology security, industrial control systems, SCADA security, critical infrastructure protection, and IoT security.

GICSP — GIAC Global Industrial Cyber Security Professional
GIAC / SANS Institute · intermediate · 25% practical · $999 — official
The most recognized OT/ICS security certification globally and the benchmark credential for practitioners entering the industrial cybersecurity space. Jointly developed by GIAC, SANS, and asset owners from the energy, ut…
GCIP — GIAC Critical Infrastructure Protection
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's critical infrastructure protection certification with a specific focus on NERC CIP compliance and electric sector security. Covers NERC CIP standards, electric utility security programs, and critical infrastructur…
ISA 62443 Fundamentals — ISA/IEC 62443 Cybersecurity Fundamentals Specialist
ISA (International Society of Automation) · beginner · 25% practical · $800 — official
The entry-level ISA/IEC 62443 certification establishing foundational knowledge of the most widely adopted OT/ICS security standard globally. Covers the ISA-62443 framework including security levels, zones and conduits, …
ISA 62443 Risk Assessment — ISA/IEC 62443 Cybersecurity Risk Assessment Specialist
ISA (International Society of Automation) · intermediate · 25% practical · $1000 — official
The second tier of ISA-62443 certification covering risk assessment methodology specific to industrial control systems. Covers target security level determination, vulnerability and consequence analysis, countermeasure i…
ISA 62443 Design — ISA/IEC 62443 Cybersecurity Design Specialist
ISA (International Society of Automation) · intermediate · 25% practical · $1000 — official
The third tier of ISA-62443 certification covering the design of security zones, conduits, and countermeasures for ICS environments. Focuses on translating risk assessment results into concrete security architecture desi…
ISA 62443 Maintenance — ISA/IEC 62443 Cybersecurity Maintenance Specialist
ISA (International Society of Automation) · intermediate · 25% practical · $1000 — official
The fourth tier of ISA-62443 certification covering the operational maintenance of ICS security programs — patching, change management, continuous monitoring, and ongoing compliance in live industrial environments. Not D…
ISA 62443 Expert — ISA/IEC 62443 Cybersecurity Expert
ISA (International Society of Automation) · expert · 25% practical · $2500 — official
The capstone ISA-62443 certification requiring all four specialist certificates plus a comprehensive assessment covering program leadership, advanced risk management, and compliance program design. The highest ISA ICS se…
CSSA — Certified SCADA Security Architect
IACRB (Information Assurance Certification Review Board) · expert · 25% practical · $450 — official
IACRB's SCADA security architecture certification covering SCADA system architecture, vulnerability assessment, industrial protocol security, and access control design. Not DoD 8140 approved. Less well-known than GIAC GI…
CIoTSP — Certified IoT Security Practitioner
CertNexus · intermediate · 25% practical · $300 — official
CertNexus's IoT security practitioner certification covering IoT architecture security, embedded device hardening, network security for IoT deployments, and privacy considerations. Not DoD 8140 approved. One of very few …
CIoTP — Certified IoT Practitioner
CertNexus · beginner · 25% practical · $250 — official
CertNexus's entry-level IoT certification covering IoT architecture, connectivity, data management, and basic security concepts. Not DoD 8140 approved. More a technology awareness cert than a security practitioner creden…
OOSE — OPSWAT OT Security Expert
OPSWAT Academy · intermediate · 25% practical · $0 — official
OPSWAT Academy's free OT security certification covering industrial cybersecurity concepts, OT network monitoring, and critical infrastructure protection fundamentals. Not DoD 8140 approved. OPSWAT has a genuine product …
ICIP — OPSWAT Introduction to Critical Infrastructure Protection
OPSWAT Academy · beginner · 0% practical · $0 — official
OPSWAT Academy's free entry-level critical infrastructure protection certification covering CIP concepts, OT/IT differences, regulatory frameworks, and the industrial threat landscape. Not DoD 8140 approved. Foundational…
NNCE — Nozomi Networks Certified Engineer
Nozomi Networks · intermediate · 25% practical · $0 — official
Nozomi Networks' engineer-level certification for their OT/ICS network visibility and security platform. Free for Nozomi customers. Covers asset discovery, network monitoring, alert management, and vulnerability manageme…
FCSS OT — Fortinet Certified Solution Specialist – OT Security
Fortinet · expert · 25% practical · $300 — official
Fortinet's OT security specialist certification covering their Fortinet Security Fabric for OT environments — network segmentation, industrial DMZ design, and FortiGate configuration for OT/ICS protection. Part of the po…

Governance, Risk & Compliance (30 certs)

IT audit, risk management, compliance frameworks, business continuity, third-party risk, and information security governance.

CISA — Certified Information Systems Auditor
ISACA · expert · 0% practical · $760 — official
The gold standard IT audit certification globally and one of the most recognized credentials in the GRC space. Covers IS audit process, IT governance, systems and infrastructure, IT asset management, and information asse…
CISM — Certified Information Security Manager
ISACA · expert · 0% practical · $760 — official
ISACA's information security management certification and one of the most recognized credentials for security managers and CISOs globally. Requires five years of IS management experience. DoD 8140 approved. CISM is expli…
CRISC — Certified in Risk and Information Systems Control
ISACA · expert · 0% practical · $760 — official
ISACA's IT risk management certification and the most recognized credential specifically for IT risk professionals. Requires three years of IT risk management experience. Not DoD 8140 approved but highly recognized in en…
CGEIT — Certified in the Governance of Enterprise IT
ISACA · expert · 0% practical · $760 — official
ISACA's IT governance certification covering strategic alignment of IT with business objectives, value delivery, risk optimization, and performance measurement. Targeted at CIOs, IT directors, and senior executives respo…
CGRC — Certified in Governance, Risk and Compliance
ISC2 · expert · 0% practical · $599 — official
ISC2's GRC certification — formerly known as CAP (Certified Authorization Professional) — covering the NIST Risk Management Framework, authorization processes, and continuous monitoring for federal systems. DoD 8140 appr…
ISO 27001 LI — PECB Certified ISO/IEC 27001 Lead Implementer
PECB · expert · 25% practical · $500 — official
PECB's ISO/IEC 27001 Lead Implementer certification covering the design and implementation of an Information Security Management System (ISMS) based on ISO 27001. Not DoD 8140 approved but ISO 27001 is the dominant inter…
ISO 27001 LA — PECB Certified ISO/IEC 27001 Lead Auditor
PECB · expert · 25% practical · $500 — official
PECB's ISO/IEC 27001 Lead Auditor certification covering third-party audit methodology for ISMS — the credential for practitioners who audit organizations against ISO 27001 rather than implement it. Not DoD 8140 approved…
ISO 27001 Foundation — PECB Certified ISO/IEC 27001 Foundation
PECB · beginner · 0% practical · $250 — official
PECB's entry-level ISO 27001 certification covering foundational ISMS concepts and ISO 27001 standard structure. Not DoD 8140 approved. The starting point on the PECB ISO 27001 path before Lead Implementer or Lead Audito…
ISO 31000 LRM — PECB Certified ISO 31000 Lead Risk Manager
PECB · expert · 25% practical · $500 — official
PECB's ISO 31000 risk management certification covering the international standard for enterprise risk management — a technology-agnostic framework applicable to any type of organizational risk. Not DoD 8140 approved. IS…
ISO 27005 LRM — PECB Certified ISO/IEC 27005 Lead Risk Manager
PECB · expert · 25% practical · $500 — official
PECB's ISO/IEC 27005 certification covering information security risk management methodology specific to ISMS — the companion standard to ISO 27001 that provides detailed guidance on risk assessment and treatment. Not Do…
ISO 22301 LI — PECB Certified ISO 22301 Lead Implementer
PECB · expert · 25% practical · $500 — official
PECB's ISO 22301 Lead Implementer certification covering the design and implementation of a Business Continuity Management System (BCMS) based on the international BCM standard. Not DoD 8140 approved. ISO 22301 is the gl…
GRCP — GRC Professional
OCEG · intermediate · 0% practical · $395 — official
OCEG's GRC Professional certification covering integrated governance, risk, and compliance methodology based on the GRC Capability Model (OCEG Redbook). Not DoD 8140 approved. OCEG positions GRC as an integrated discipli…
GRCA — GRC Auditor
OCEG · expert · 0% practical · $395 — official
OCEG's GRC Auditor certification covering the audit and assurance methodology for integrated GRC programs. Not DoD 8140 approved. Complements GRCP for practitioners who focus on the assurance and audit side of GRC rather…
CBCP — Certified Business Continuity Professional
DRI International · expert · 25% practical · $400 — official
DRI International's professional-level business continuity certification and the most recognized BC credential in North America. Requires two years of BC experience and a written exam covering all ten Professional Practi…
MBCP — Master Business Continuity Professional
DRI International · elite · 25% practical · $600 — official
DRI International's master-level business continuity certification — the highest credential in DRI's pathway requiring the CBCP plus five additional years of BC experience and a comprehensive exam. Not DoD 8140 approved.…
ABCP — Associate Business Continuity Professional
DRI International · beginner · 0% practical · $250 — official
DRI International's entry-level business continuity certification for those new to the BCM field — no experience requirement, just passing the Professional Practices exam. Not DoD 8140 approved. The starting point on the…
CCRP — Certified Cyber Resilience Professional
DRI International · expert · 25% practical · $450 — official
DRI International's cyber resilience certification bridging business continuity and cybersecurity — specifically covering how organizations recover from cyber incidents rather than just natural disasters or operational f…
MBCI — Member of the Business Continuity Institute
Business Continuity Institute (BCI) · expert · 25% practical · $600 — official
The Business Continuity Institute's membership-level certification and the primary BC credential in the UK and European markets — the BCI equivalent of DRI's CBCP. Requires demonstrated BCM experience and competency asse…
CBCI — Certificate of the Business Continuity Institute
Business Continuity Institute (BCI) · intermediate · 25% practical · $400 — official
The BCI's entry-level certification based on their Good Practice Guidelines — the foundation credential on the BCI path before MBCI. Not DoD 8140 approved. Recognized across European and Commonwealth BCM markets as a str…
CIA — Certified Internal Auditor
Institute of Internal Auditors (IIA) · expert · 0% practical · $695 — official
The IIA's flagship internal audit certification and the globally recognized credential for internal auditors. Covers internal audit methodology, governance, risk assessment, and control evaluation — not technology-specif…
CTPRP — Certified Third Party Risk Professional
Shared Assessments · intermediate · 25% practical · $595 — official
Shared Assessments' certification for third-party risk management professionals — one of the only dedicated TPRM credentials in the market. Covers vendor risk assessment methodology, due diligence processes, TPRM program…
CTPRA — Certified Third Party Risk Assessor
Shared Assessments · intermediate · 25% practical · $495 — official
Shared Assessments' assessor-level certification focused on executing third-party assessments using the Standardized Information Gathering (SIG) questionnaire framework. More operationally focused than CTPRP — while CTPR…
CCSFP — HITRUST Certified CSF Practitioner
HITRUST · intermediate · 25% practical · $700 — official
HITRUST's practitioner certification for their Common Security Framework — the dominant security compliance framework in US healthcare and increasingly in other regulated industries. Covers CSF structure, assessment meth…
FAIR-CCRP — FAIR Certified Cyber Risk Professional
FAIR Institute · intermediate · 25% practical · $500 — official
The FAIR Institute's cyber risk quantification certification — launched with a tiered structure in early 2026 covering the FAIR (Factor Analysis of Information Risk) model for expressing cybersecurity risk in financial t…
GSNA — GIAC Systems and Network Auditor
GIAC · intermediate · 25% practical · $979 — official
GIAC's IT systems and network auditing certification — the technical audit companion to governance-focused credentials like CISA. Covers network infrastructure audit techniques, operating system audit procedures, web app…
RESILIA Foundation — RESILIA Foundation
PeopleCert / Axelos · beginner · 0% practical · $300 — official
RESILIA Foundation is Axelos/PeopleCert's entry-level cyber resilience credential, designed to introduce cyber security best practices aligned to ITIL 4 principles and organizational resilience frameworks. MCQ-only forma…
RESILIA Practitioner — RESILIA Practitioner
PeopleCert / Axelos · intermediate · 0% practical · $600 — official
RESILIA Practitioner is the advanced tier of Axelos/PeopleCert's cyber resilience program. Scenario-based exam testing practical application of RESILIA principles — open-book, higher complexity than Foundation. Requires …
ITIL4-ISM — ITIL 4 Practitioner: Information Security Management
PeopleCert / Axelos · intermediate · 0% practical · $450 — official
The only genuinely security-focused module in the ITIL 4 Practitioner series. Covers information security management practice within the ITIL 4 service value system — security policies, risk assessment, security incident…
PCIP — PCI Security Standards Council Payment Card Industry Professional
PCI Security Standards Council · intermediate · 0% practical · $1700 — official
The only individually portable credential issued by the PCI Security Standards Council. PCIP validates knowledge of PCI DSS 4.0 and supporting PCI standards (PA-DSS legacy, PIN Security, P2PE, 3DS). Domain coverage: PCI …
CISSP — Certified Information Systems Security Professional
ISC2 · expert · 0% practical · $749 — official
The gold standard senior security certification globally and the most recognized credential for security management and architecture roles. Covers all eight CISSP domains across the breadth of information security — arch…

Data Security & Privacy (17 certs)

Privacy law and compliance, GDPR, privacy engineering, data loss prevention, data classification, and privacy program management.

CIPP/US — Certified Information Privacy Professional – United States
IAPP · intermediate · 0% practical · $550 — official
The most widely held privacy certification in the United States covering the full landscape of US federal and state privacy law including HIPAA, CCPA/CPRA, FERPA, GLBA, COPPA, and sector-specific regulations. Not DoD 814…
CIPP/E — Certified Information Privacy Professional – Europe
IAPP · intermediate · 0% practical · $550 — official
The most widely held European privacy certification and the benchmark credential for GDPR compliance globally. Covers the full GDPR framework including lawful basis, data subject rights, DPIAs, controller/processor relat…
CIPP/C — Certified Information Privacy Professional – Canada
IAPP · intermediate · 0% practical · $550 — official
IAPP's Canadian privacy certification covering PIPEDA, the proposed CPPA framework, provincial privacy legislation, and public sector privacy in Canada. Not DoD 8140 approved. Most relevant for privacy professionals work…
CIPP/A — Certified Information Privacy Professional – Asia
IAPP · intermediate · 0% practical · $550 — official
IAPP's Asia-Pacific privacy certification covering privacy laws across the region including Singapore PDPA, Thailand PDPA, South Korea PIPA, Japan APPI, and the APEC Privacy Framework. Not DoD 8140 approved. Most relevan…
CIPP/CN — Certified Information Privacy Professional – China
IAPP · intermediate · 0% practical · $550 — official
IAPP's China-specific privacy certification covering the Personal Information Protection Law (PIPL), Data Security Law (DSL), and Cybersecurity Law (CSL) — China's comprehensive data governance framework. Not DoD 8140 ap…
CIPM — Certified Information Privacy Manager
IAPP · expert · 0% practical · $550 — official
IAPP's privacy management certification covering the operational side of running a privacy program — governance frameworks, privacy risk assessment, data mapping, privacy operations, and Data Protection Officer responsib…
CIPT — Certified Information Privacy Technologist
IAPP · expert · 0% practical · $550 — official
IAPP's technology-focused privacy certification bridging the gap between legal privacy requirements and technical implementation. Covers Privacy by Design, anonymization, pseudonymization, privacy-enhancing technologies,…
AIGP — AI Governance Professional
IAPP · intermediate · 0% practical · $550 — official
IAPP's AI governance certification covering the intersection of AI regulation, ethics, risk management, and privacy — launched to address the EU AI Act and global AI governance frameworks. Not DoD 8140 approved. One of v…
FIP — Fellow of Information Privacy
IAPP · elite · 0% practical · $0 — official
IAPP's highest designation — not a standalone exam but an elevated status requiring active CIPP certification plus either CIPM or CIPT, demonstrating comprehensive privacy expertise across law, management, and technology…
CDPSE — Certified Data Privacy Solutions Engineer
ISACA · expert · 0% practical · $760 — official
ISACA's technical privacy certification covering the engineering and architecture aspects of privacy solutions — how to technically implement privacy controls, data governance, and privacy by design. Requires two years o…
SC-401 — Microsoft Certified: Information Security Administrator Associate
Microsoft · intermediate · 25% practical · $165 — official
Microsoft's information security and compliance certification — launched in 2025 replacing the retired SC-400. Covers Microsoft Purview for data classification, DLP, information protection labels, insider risk management…
PDPF — EXIN Privacy and Data Protection Foundation
EXIN · beginner · 0% practical · $250 — official
EXIN's foundational privacy certification covering GDPR basics and data protection principles. Not DoD 8140 approved. Particularly recognized in Netherlands and Benelux markets where EXIN originates. A reasonable entry p…
PDPP — EXIN Privacy and Data Protection Practitioner
EXIN · intermediate · 0% practical · $350 — official
EXIN's practitioner-level privacy certification covering GDPR implementation, DPIA execution, DPO responsibilities, and data breach management. Not DoD 8140 approved. More practical than the Foundation cert but covers si…
ISO 27701 LI — PECB Certified ISO/IEC 27701 Lead Implementer
PECB · expert · 25% practical · $500 — official
PECB's ISO/IEC 27701 Lead Implementer certification covering the Privacy Information Management System (PIMS) standard — the privacy extension to ISO 27001. Covers implementing privacy controls as an extension of an exis…
OTCPP — OneTrust Certified Privacy Professional
OneTrust · intermediate · 25% practical · $0 — official
OneTrust's platform certification covering their privacy management platform — the most widely deployed privacy operations tool globally. Free for OneTrust customers. Covers data mapping, DPIA workflow, consent managemen…
HCISPP — HealthCare Information Security and Privacy Practitioner
ISC2 · intermediate · 0% practical · $599 — official
ISC2's healthcare-specific security and privacy certification covering HIPAA Security Rule, Privacy Rule, PHI handling, and healthcare compliance frameworks. Not DoD 8140 approved. The intersection of security and privac…
CDMP — Certified Data Management Professional
DAMA International · intermediate · 0% practical · $300 — official
DAMA International's data management certification covering the full DAMA-DMBOK2 knowledge framework including data governance, quality, architecture, security, and lifecycle management. Not DoD 8140 approved. CDMP is th…

AI Security (12 certs)

AI/ML system security, LLM red teaming, AI governance and risk, adversarial machine learning, and responsible AI frameworks.

GMLE — GIAC Machine Learning Engineer
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's machine learning security engineering certification covering how to build and secure ML pipelines, protect models, and implement MLSecOps practices. Targets security engineers and ML practitioners who build AI/ML …
GASAE — GIAC AI Security Automation Engineer
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's AI security automation certification covering the use of AI tools for security automation and the security of AI-driven automation systems — including agentic AI security. Became generally available in April 2026.…
GAIPS — GIAC AI Platform Security
GIAC / SANS Institute · expert · 25% practical · $999 — official
**Status:** Not yet available for purchase — expected release July 28, 2026. GIAC's LLM and generative AI platform security certification covering the security of AI infrastructure — LLM deployment security, RAG pipeline…
ISO 42001 LI — PECB Certified ISO/IEC 42001 Lead Implementer
PECB · expert · 25% practical · $500 — official
PECB's ISO/IEC 42001 Lead Implementer certification covering implementation of an AI Management System (AIMS) based on the first international AI management standard. Not DoD 8140 approved. ISO 42001 was published in Dec…
ISO 42001 LA — PECB Certified ISO/IEC 42001 Lead Auditor
PECB · expert · 25% practical · $500 — official
PECB's ISO/IEC 42001 Lead Auditor certification for practitioners who audit AI management systems against the ISO 42001 standard. Not DoD 8140 approved. Targeted at auditors and assessors working with organizations imple…
AAIR — Advanced in AI Risk
ISACA · expert · 0% practical · $415 — official
ISACA's AI risk add-on certification for existing CRISC holders — extends traditional IT risk management methodology into the AI domain. Not DoD 8140 approved. Part of ISACA's emerging AI credential suite designed to hel…
SecAI+ — CompTIA SecAI+
CompTIA · intermediate · 25% practical · $298 — official
CompTIA's AI security certification covering AI threat identification, secure AI implementation, LLM security basics, and AI risk management. Not DoD 8140 approved — CompTIA has submitted for approval but it's not yet li…
AAIA — ISACA Advanced in AI Audit
ISACA · expert · 0% practical · $599 — official
ISACA's first AI-specific audit credential, launched May 2025. Validates knowledge of AI system audit methodology, AI governance frameworks, and AI risk assessment for information systems auditors. Requires an active CIS…
AAISM — ISACA Advanced in AI Security Management
ISACA · expert · 0% practical · $599 — official
ISACA's AI security management credential, launched August 19, 2025. Validates AI security governance, AI risk management frameworks, and AI policy development for information security managers. Requires an active CISM o…
AIRTP+ — Learn Prompting AI Red Teaming Professional
Learn Prompting · intermediate · 70% practical · $299 — official
Learn Prompting's professional-tier AI red teaming credential — a 24+ hour vendor-administered take-home assessment covering prompt injection, LLM jailbreaking, adversarial examples, cognitive hacking, and OWASP LLM Top …
CAISR — 8kSec Certified AI Security Researcher
8kSec · intermediate · 100% practical · $119 — official
8kSec's AI security research credential covering attacks, defenses, and practical applications of AI security testing. Hands-on practical exam with written report graded by 8kSec panel within 3 business days. Bundled wit…
CAISP — Practical DevSecOps Certified AI Security Professional
Practical DevSecOps · intermediate · 100% practical · $1099 — official
Practical DevSecOps's AI/LLM security certification — PDSO's fastest-growing credential in 2025-2026. 5 task-based challenges, 6-hour lab + 24-hour report, 80% pass. Covers OWASP LLM Top 10, MITRE ATLAS, AI threat modeli…

Oversight & Leadership (11 certs)

CISO and executive leadership, security program management, security awareness, and board-level security governance.

CCISO — Certified Chief Information Security Officer
EC-Council · expert · 25% practical · $999 — official
EC-Council's executive-level security leadership certification targeting current and aspiring CISOs. Covers security governance, program management, strategic planning, financial management, audit oversight, and executiv…
Associate CCISO — Associate Certified Chief Information Security Officer
EC-Council · intermediate · 25% practical · $450 — official
EC-Council's entry path to the CCISO track — same exam as CCISO but without the experience requirement verification, replaced December 2023 by the EISM certification. Allows practitioners to pass the CCISO exam while bui…
ISSMP — Information Systems Security Management Professional
ISC2 · expert · 0% practical · $599 — official
ISC2's security management concentration covering security leadership, program management, compliance, business continuity governance, and personnel security management. As of October 2023, the exam can be taken without …
GSLC — GIAC Security Leadership Certification
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's security leadership and management certification covering security program management, risk governance, policy development, compliance management, project management, and security team leadership. DoD 8140 approve…
GSTRT — GIAC Strategic Planning, Policy, and Leadership
GIAC / SANS Institute · expert · 25% practical · $999 — official
GIAC's strategic security leadership certification covering security strategy development, board-level risk communication, security investment justification, organizational change management, and metrics-driven governanc…
CPP — Certified Protection Professional
ASIS International · expert · 0% practical · $450 — official
ASIS International's flagship security management certification — historically the primary credential for physical security and corporate security directors but increasingly relevant in converged physical-cyber security …
SSAP — SANS Security Awareness Professional
SANS Institute · intermediate · 25% practical · $799 — official
SANS's certification for security awareness and human risk management professionals — the only major certification dedicated specifically to running effective security awareness programs. Covers program design, behavior …
PECB LCM — PECB Certified Lead Cybersecurity Manager
PECB · expert · 25% practical · $500 — official
PECB's cybersecurity management certification based on the ISO/IEC 27032 standard for cybersecurity management and coordination. Covers cybersecurity program management, incident management, stakeholder coordination, and…
NACD Cert — NACD Cyber-Risk Oversight Certificate
NACD / Carnegie Mellon SEI · expert · 25% practical · $3500 — official
The National Association of Corporate Directors' cyber risk oversight certificate developed with Carnegie Mellon SEI — targeted at board directors and C-suite executives responsible for cyber risk oversight rather than p…
GSE — GIAC Security Expert
GIAC · elite · 70% practical · $0 — official
GIAC's flagship elite credential and the most prestigious certification in cybersecurity. GSE is a portfolio certification — there is no separate exam. Candidates earn GSE by completing any 6 GIAC Practitioner certificat…
GSP — GIAC Security Professional
GIAC · expert · 70% practical · $0 — official
GIAC's 2024 intermediate portfolio tier introduced as a milestone between standard Practitioner certifications and the elite GSE. GSP is earned by completing any 3 GIAC Practitioner certifications and any 2 GIAC Applied …

Recent Updates

2026-05-24 — Big data refresh — v1 of the auto-auditor is live

Been taking my time on one of the most important components of this project: the updater. The first version of audit.js is live — it validates the data against the schema, hits every cert's official URL, and flags dead links, redirects, price drifts, and discontinued certs. Still rough around the edges, but its first run already paid off — fixed a bunch of dead URLs (Cisco CCNA, ISA 62443, F5, GIAC and more), retired a few certs that are no longer offered (GEVA, Anomali, OneTrust OTCPP), and quietly cleaned up a lot of score and flag data behind the scenes. Full breakdown is in the changelog. Plan is to run this automatically once a week so the catalog stays accurate without me having to chase URLs manually — will let you know when it's wired up!

2026-05-10 — First community PR — huge thanks to Aj7ay7! 🙌

Massive thank you to Aj7ay7 for the very first community PR — they spotted that CCSE and CCNSE (Practical DevSecOps) were missing and put together an entry for both. That single PR is what kicked off the whole PDSO refresh you see in this update: the two certs they flagged, plus a bunch more from the same vendor I realized had been missing or under-scored once I started digging. Exactly the kind of contribution that makes this project better — one person spotting something, and the fix turning into a wider improvement. Off the back of it I wrote a CONTRIBUTING.md so the next PR has a clear path through the conventions (vendor acronym collisions, cross-domain placement, score scales, etc.). If you've spotted a missing cert, an inaccurate score, or one that should be flagged as retired — fork, follow the guide, send a PR. Genuinely excited to see what comes next.

2026-05-10 — Practical weight, explained — plus a few more DevSecOps certs

Got some really good feedback on the recent map update — especially around the practical weight scoring. As a few of you pointed out, I never actually shared how that number is decided. So here it is, the 5-tier scale: 100% — Entirely practical · 70% — Majority practical + report · 50% — Hybrid MCQ + lab · 25% — MCQ + optional lab · 0% — MCQ only. This now lives behind a small ? tooltip next to the practical bar in every cert profile and next to the 'Practical' color-by selector on the map, so you can pull it up any time. Also slipped in a few more certs from the Practical DevSecOps catalog (CCSE Container, CCNSE Cloud-Native, CSC Security Champion) and refreshed the existing PDSO entries with better scoring and cross-domain placement. Keep the feedback coming — this is exactly how the project gets better.

2026-05-07 — Big update — Map view just landed (v1, feedback wanted!)

Been planning this one for a while. EBCertMap started as Paul Jerimy's roadmap done as a searchable database — but the original's strength is its visual at-a-glance table. So I built one. Toggle between ⊞ Grid and ⬡ Map at the top of the Certs view to see all 426 certs as a domain × level matrix. Click any pill for the full profile. Pick a single domain to switch to a leaderboard-per-level view (best-first by overall score) — way more useful when you're shopping inside one specialization. Color the pills by Domain, Employer Recognition, Practical Weight, or Cost to scan the catalog from different angles. Mobile gets a vertical leaderboard layout. This is v1 — I'd really like feedback on this one. What's missing? What's confusing? What would make it more useful for how you actually browse?

2026-04-29 — New role + budget-friendly paths

Added a few new role paths around the recent boutique certs. Most notable: split mobile security into two roles instead of cramming everything under Mobile Pentester — kept that role focused on app testing (CMSE/CISE/CASE), and created a dedicated Mobile Security Researcher role for the deeper kernel/internals/ARM exploitation track (CISR → CASR → OAAE → OMSE). Two roles, clearer career story. Also added a budget CTI path (arcX FTIA → PTIA → MCTIA) at $630 instead of $999+ for GCTI, a malware mobile track, and AIRTP+ as the entry into AI red teaming. Plus a quiet roles.json cleanup so the metadata actually matches the path files.

Changelog

2026-05-24 — Audit Script v1, Schema Cleanup, 34 URL Fixes & New Filter

Built scripts/audit.js — automated data validator: schema checks (no network), URL liveness, redirect detection, price drift, discontinued-keyword scan, and bot-detection-aware status tracking. CLI flags: --schema-only, --domain <id>, --include-inactive
Schema cleanup pass: quantized 240 cert practical_weight values to the canonical 5-tier scale (0/25/50/70/100), normalized 8 flag types (renamed portfolio→portfolio_based, law_enforcement_focused→law_enforcement; dropped redundant cyberlive, accredited, capstone, elite), allowed score=0 for pure-MCQ certs like KCSA
Added 3 new badges in the cert cards and profile: Course-Tied (~12 certs), No Exam (3), LE / Forensics (4)
Added Flag filter to the cert filter bar (desktop + mobile) — pick any flag to narrow the catalog (e.g. only Free, only Course-Tied)
Audit first-run findings — applied 34 URL fixes: DRI International (cbcp, mbcp, abcp, ccrp), BCI (cbci, mbci), Zscaler (ztca, zdta, zdte), CrowdStrike (ccis, cccs), ISA IEC 62443 family (5 certs), Shared Assessments (ctprp, ctpra), HITRUST CCSFP, ISACA AAIR, Cisco CCNA, GIAC GX-FE/GEIR/GAIPS, Magnet MCFE, F5 LTM/ASM, OpenGroup TOGAF-IRS, PCI PCIP, SANS SSAP, Oracle OCI Security Professional, Exterro ACE, Splunk SPLK-3001
Deactivated 3 certs no longer offered: GEVA (in abeyance — CPE renewal only), Anomali Certified (moved to course-based training), OneTrust OTCPP (replaced by a new modular cert structure — backlog to add)
Marked Splunk SPLK-3001 as retiring (Splunk reclassified it as Legacy in March 2026)
Corrected CompTIA SecAI+ price: $392 → $298
UI fix: when a cert is active:false, the redundant paused/retiring flag badges are now suppressed (the Inactive badge already conveys the state)
Audit improvement: --include-inactive flag (default off) — inactive certs are skipped from network checks by default since their URLs being dead is expected. Price-mismatch suspect tagging marks likely-false-positives (e.g., GIAC pages showing "$18" in footers) without dropping the signal

2026-05-11 — Crawler & AI Discoverability — Static Content Injection

Added a Vite build plugin that bakes the catalog into the served HTML so AI crawlers (Anthropic, OpenAI, Perplexity), Googlebot's first-pass crawl, and JS-disabled clients can read the data without executing JavaScript
Injected a slim schema.org ItemList of all 426 certs as JSON-LD — directory-style structured data parseable natively by every major AI crawler
Added a <noscript> fallback with the full catalog grouped by domain (cert acronym, full name, issuer, level, practical %, cost, 220-char summary) plus the latest news and changelog entries wrapped in <time datetime> for freshness signals
og:updated_time and article:modified_time meta tags now auto-pull from the latest changelog date
sitemap.xml lastmod auto-regenerates from the data — no more manual date bumps
Refreshed README with current cert count, last-updated badge, recent changelog highlights, and an explicit Contributing section linking to CONTRIBUTING.md

2026-05-10 — DevSecOps Cert Refresh, Duplicate Merge & Practical-Weight Legend

Added 3 new Practical DevSecOps certs: CCSE (Container Security Expert), CCNSE (Cloud-Native Security Expert), CSC (Security Champion)
Refreshed 6 existing PDSO certs with revised scoring and cross-domain placement: CDP, CDE, CSSE now span DefSec/SOC + AppSec; CTMP moved to Security Architecture; CAISP and CASP score updates
Refreshed CKS and KCSA (CNCF) entries with current 2026 exam details and the Kubestronaut program reference
Merged 3 long-standing duplicate cert entries: AAIA (was both 'aaia' and 'isaca-aaia'), AIGP (split across data_privacy and ai_security), CISSP (split across security_architecture and iam) — kept the richer copy of each, expanded domain arrays where needed
Added issuer-initial tags to map pills for genuine vendor-collision acronyms (CCSE × 3, CPIA × 2) — pills now show '·CP', '·CWL', '·PDSO', '·CREST' so you can tell them apart at a glance
Added a '?' popover next to the practical-weight bar in the cert profile and next to the active 'Practical' color-by selector on the map — shows the 5-tier scoring scale (100% Entirely practical → 0% MCQ only)

2026-05-07 — Map View — Visual Domain × Level Roadmap

Added ⊞ Grid / ⬡ Map toggle to the Certs view — Map shows all 426 certs as a visual domain × level matrix inspired by Paul Jerimy's roadmap
All-domains map: 15 columns × 4 levels (Elite → Beginner), cross-domain certs appear in every relevant column
Single-domain map: switches to a leaderboard layout — one wide row per level, certs sorted best-first by overall score with score badges baked into each pill
Color pills by 4 dimensions — Domain, Employer Recognition, Practical Weight, or Cost — clickable blocks in the left legend
Mobile map view — same leaderboard layout in a vertical stack with a horizontal color-by chip strip; the toggle works on phones too
Empty cells get a subtle dotted background so the structure stays readable
Map respects all active filters (search, level, issuer, cost, DoD, ≥50% practical) — switching modes preserves what you were looking at
Profile pane shrinks to 320px in map mode to give the grid more breathing room
Auto-loads all 15 domain JSONs the first time you enter map mode so the grid isn't sparse
Replaced the default Vite/React favicon with the EB logo — same green→cyan gradient and bold 'EB' as the in-app header so the browser tab matches the brand

2026-05-03 — Minor UI Fixes

Fixed mobile role view — tapping the same role after going back to the role list now re-opens it (previously you had to tap a different role first)
Changed default Certs view domain from 'Offensive' to 'All Domains' so visitors see the full catalog on first load
Added missing 'Level' and 'Issuer' sort options to the mobile sort dropdown — mobile now matches desktop's full 6-option sort menu

Community & Contribution

EBCertMap is open-source and accepts community contributions. See CONTRIBUTING.md for the cert submission guide. Discussion thread on r/cybersecurity.