See also
Wikimedia Commons has media related to Computer-related occupations .
In the computer security or Information security fields, there are a number of tracks a professional can take to demonstrate qualifications. [Notes 1] Four sources categorizing these, and many other credentials, licenses, and certifications, are:
Quality and acceptance vary worldwide for IT security credentials, from well-known and high-quality examples like a master's degree in the field from an accredited school, CISSP, and Microsoft certification, to a controversial list of many dozens of lesser-known credentials and organizations.
In addition to certification obtained by taking courses and/or passing exams (and in the case of CISSP and others noted below, demonstrating experience and/or being recommended or given a reference from an existing credential holder), award certificates also are given for winning government, university or industry-sponsored competitions, including team competitions and contests.
| Issuing Organization | Credential abbreviation | Certification Title | Focus | Validity duration | Number issued |
|---|---|---|---|---|---|
| Altered Security | CRTP | Certified Red Team Professional | Red Teaming | 3 years | N/A |
| CRTE | Certified Red Team Expert | Red Teaming | 3 years | N/A | |
| CRTM | Certified Red Team Master | Red Teaming | 3 years | N/A | |
| CARTP | Certified Azure Red Team Professional | Red Teaming | 3 years | N/A | |
| CAWASP | Certified Azure Web Application Security Professional | Application Security | 3 years | N/A | |
| (ISC)2 | S-ITSF | IT-Security Foundation | General Cyber Security | 3 years | N/A |
| S-ITSP | IT-Security Practitioner | General Cyber Security | 3 years | N/A | |
| S-ITSE | IT-Security Expert | General Cyber Security | 3 years | N/A | |
| S-CITSO | Certified IT-Security Officer | General Cyber Security | 3 years | N/A | |
| S-DPF | Data Protection Foundation | Privacy | No expiration [1] | N/A | |
| S-DPP | Data Protection Practitioner | Privacy | 1 year [2] | N/A | |
| S-CDPO | Certified Data Protection Officer | Privacy | 3 years | N/A | |
| S-EHF | Ethical Hacking Foundation | Penetration Testing | 3 years | N/A | |
| S-EHP | Ethical Hacking Practitioner | Penetration Testing | 3 years | N/A | |
| S-SPF | Secure Programming Foundation | Software Development | 3 years | N/A | |
| S-DWF | Dark Web Foundation | Threat Intelligence | 3 years | N/A | |
| CC | Certified in CyberSecurity | IT-Administration | 3 years (continuously) | N/A | |
| CISSP | Certified Information Systems Security Professional | Management | 3 years (continuously) [3] | 127,734 [4] | |
| CISSP-ISSAP | Information Systems Security Architecture Professional | Security Architecture | 3 years (continuously) [5] | 1,952 [6] | |
| CISSP-ISSEP | Information Systems Security Engineering Professional | IT-Administration | 3 years (continuously) [5] | 1,147 [6] | |
| CISSP-ISSMP | Information Systems Security Management Professional | Management | 3 years (continuously) [5] | 1,196 [6] | |
| SSCP | Systems Security Certified Practitioner | IT-Administration | 3 years (continuously) [7] | 4,319 [6] | |
| CCSP | Certified Cloud Security Professional | Cloud Security | 3 years (continuously) [8] | 3,549 [6] | |
| CAP | Certified Authorization Professional | Auditing | 3 years (continuously) [9] | 2,671 [6] | |
| CSSLP | Certified Secure Software Lifecycle Professional | Software Development | 3 years (continuously) [10] | 2,214 [6] | |
| CompTIA | Security+ | CompTIA Security+ [11] | IT-Administration | 3 years [12] | N/A |
| CySA+ | CompTIA Cyber Security Analyst | Security Analysis | 3 years [13] | N/A | |
| PenTest+ | CompTIA Pentest+ | Penetration Testing | 3 years [14] | N/A | |
| CASP+ | CompTIA Advanced Security Practitioner | General Cyber Security | 3 years [15] | N/A | |
| ISACA | CISA | Certified Information Systems Auditor | Auditing | 3 years | 115,000 [16] |
| CISM | Certified Information Security Manager | Management | 3 years | 27,000 [16] | |
| CRISC | Certified In Risk and Information Systems Control | Risk Management | 3 years | 18,000 [16] | |
| CGEIT | Certified in the Governance of Enterprise IT | Management | 3 years | 6,000 [16] | |
| CSX-F | Cyber Security Fundamentals | General Cyber Security | 3 years | N/A | |
| CSX-T | Cyber Security Technical Foundations | General Cyber Security | 3 years | N/A | |
| CSX-P | Cyber Security Practitioner | General Cyber Security | 3 years | N/A | |
| CSX-A | Cyber Security Audit | Auditing | 3 years | N/A | |
| CDPSE | CERTIFIED DATA PRIVACY SOLUTIONS ENGINEER | Data Priavcy | 3 years | N/A | |
| GIAC | GSE | Security Expert | General Cyber Security | 4 years [17] | N/A |
| GSEC | Security Essentials | General Cyber Security | 4 years [17] | N/A | |
| GCIA | Certified Intrusion Analyst | Security Analysis | 4 years [17] | N/A | |
| GISF | GIAC Information Security Fundamentals | General Cyber Security | 4 years [17] | N/A | |
| GCED | Certified Enterprise Defender | Cyber Defense | 4 years [17] | N/A | |
| GCWN | Certified Windows Security Administrator | IT-Administration | 4 years [17] | N/A | |
| GMON | Continuous Monitoring Certification | Threat Intelligence | 4 years [17] | N/A | |
| GCCC | Critical Controls Certification | Cyber Defense | 4 years [17] | N/A | |
| GCLD | Cloud Security Essentials | Cyber Defense | 4 years [17] | N/A | |
| GDSA | Defensible Security Architecture | Security Architecture | 4 years [17] | N/A | |
| GCDA | Certified Detection Analyst | Threat Intelligence | 4 years [17] | N/A | |
| GDAT | Defending Advanced Threats | Cyber Defense | 4 years [17] | N/A | |
| GCIH | Certified Incident Handler | Incident Response | 4 years [17] | N/A | |
| GPEN | Penetration Tester | Penetration Testing | 4 years [17] | N/A | |
| GWAPT | Web Application Penetration Tester | Penetration Testing | 4 years [17] | N/A | |
| GXPN | Exploit Researcher and Advanced Penetration Tester | Penetration Testing | 4 years [17] | N/A | |
| GMOB | Mobile Device Security Analyst | Security Analysis | 4 years [17] | N/A | |
| GAWN | Assessing and Auditing Wireless Networks | Wireless Security | 4 years [17] | N/A | |
| GPYC | Python Coder | Software Development | 4 years [17] | N/A | |
| GCFA | Certified Forensic Analyst | Forensics | 4 years [17] | N/A | |
| GCFE | Certified Forensic Examiner | Forensics | 4 years [17] | N/A | |
| GREM | Reverse Engineering Malware | Malware Analysis | 4 years [17] | N/A | |
| GNFA | Network Forensic Analyst | Forensics | 4 years [17] | N/A | |
| GCTI | Cyber Threat Intelligence | Threat Intelligence | 4 years [17] | N/A | |
| GASF | Advanced Smartphone Forensics | Forensics | 4 years [17] | N/A | |
| GSLC | Security Leadership | Management | 4 years [17] | N/A | |
| GSNA | Systems and Network Auditor | Auditing | 4 years [17] | N/A | |
| GISP | Information Security Professional | General Cyber Security | 4 years [17] | N/A | |
| GLEG | Law of Data Security & Investigations | Forensics | 4 years [17] | N/A | |
| GCPM | Certified Project Manager | Management | 4 years [17] | N/A | |
| GSTRT | Strategic Planning, Policy, and Leadership | Management | 4 years [17] | N/A | |
| GWEB | Certified Web Application Defender | Software Development | 4 years [17] | N/A | |
| GICSP | Global Industrial Cyber Security Professional | Critical Infrastructure Security | 4 years [17] | N/A | |
| GRID | Response and Industrial Defense | Critical Infrastructure Security | 4 years [17] | N/A | |
| GCIP | Critical Infrastructure Protection | Critical Infrastructure Security | 4 years [17] | N/A | |
| GOSI | Open Source Intelligence | Threat Intelligence | 4 years [17] | N/A | |
| GBFA | Battlefield Forensics and Acquisition | Forensics | 4 years [17] | N/A | |
| GCSA | Cloud Security Automation | Cloud Security | 4 years [17] | N/A | |
| GFCT | Foundational Cybersecurity Technologies | Cyber Security | 4 years [17] | N/A | |
| GSOC | Security Operations Certified | Security Operations | 4 years [17] | N/A | |
| GPCS | Public Cloud Security | Cloud Security | 4 years [17] | N/A | |
| CyberDefenders | CCD | Certified CyberDefender | CyberDefense / BlueTeam | No expiration [18] | N/A |
| EC-Council | CSCU | EC-Council Certified Secure Computer User | Security Awareness | No expiration | N/A |
| CND | EC-Council Certified Network Defender | Network Security | 3 years [19] | N/A | |
| CEH | EC-Council Certified Ethical Hacker | Penetration Testing | 3 years [19] | N/A | |
| CEH-Practical (Master) | EC-Council Certified Ethical Hacker Practical (Master) | Penetration Testing | 3 years [19] | N/A | |
| ECSA | EC-Council Certified Security Analyst | Penetration Testing | 3 years [19] | N/A | |
| ECSA-Master (Practical) | EC-Council Certified Security Analyst (Practical) | Penetration Testing | 3 years [19] | N/A | |
| LPT-Master (Practical) | EC-Council Licensed Penetration Tester (Master) | Penetration Testing | 1 year [Notes 3] [20] | N/A | |
| E|ISM | EC-Council Information Security Manager | Management | 3 years [19] | N/A | |
| CCISO | EC-Council Certified Chief Information Security Officer | Management | 1 year [21] | N/A | |
| ECIH | EC-Council Certified Incident Handler | Incident Response | 3 years [19] | N/A | |
| CHFI | EC-Council Computer Hacking Forensic Investigator | Forensics | 3 years [19] | N/A | |
| EDRP | EC-Council Disaster Recovery Professional | Disaster Recovery | 3 years [19] | N/A | |
| ECES | EC-Council Certified Encryption Specialist | Encryption | 3 years [19] | N/A | |
| CASE Java | EC-Council Certified Application Security Engineer Java | Software Development | 3 years [19] | N/A | |
| CASE .Net | EC-Council Certified Application Security Engineer .Net | Software Development | 3 years [19] | N/A | |
| CTIA | EC-Council Certified Threat Intelligence Analyst | Threat Intelligence | 3 years [19] | N/A | |
| CSA | EC-Council Certified SOC Analyst | Security Analysis | 3 years [19] | N/A | |
| ECSS | EC-Council Certified Security Specialist | General Cyber Security | 3 years [19] | N/A | |
| CCSE | EC-Council Cloud Security Engineer | Cloud Security | 3 years [19] | N/ | |
| OffSec | OSCP | OffSec Certified Professional | Penetration Testing | No expiration [22] | N/A |
| OSWP | OffSec Wireless Professional | Penetration Testing | No expiration [22] | N/A | |
| OSWA | OffSec Web Assessor | Penetration Testing | No expiration [22] | N/A | |
| OSEP | OffSec Experienced Penetration Tester | Penetration Testing | No expiration [22] | N/A | |
| OSED | OffSec Security Exploit Developer | Exploit Development | No expiration [22] | N/A | |
| OSWE | OffSec Web Expert | Penetration Testing | No expiration [22] | N/A | |
| OSCE3 | OffSec Certified Expert3 | Penetration Testing | No expiration [22] | N/A | |
| OSEE | OffSec Exploitation Expert | Exploit Development | No expiration [22] | N/A | |
| OSDA | OffSec Defensive Analyst | Security Operations | No expiration [22] | N/A | |
| OSMR | OffSec macOS Researcher | Exploit Development | No expiration [22] | N/A | |
| EITCI | EITCA/IS | EITCA Information Technologies Security Academy | General Cyber Security | No expiration | N/A |
| CSA | CCSK | CSA Certificate of Cloud Security Knowledge | Cloud Security | No expiration | N/A |
| Cloud Credential Council | PCSM | CCC Professional Cloud Security Manager | Cloud Security | No expiration | N/A |
| IAPP | CIPP | Certified Information Privacy Professional | Privacy | 2 years | 50,000 Total |
| CIPM | Certified Information Privacy Manager | Privacy | 2 years | ||
| CIPT | Certified Information Privacy Technologist | Privacy | 2 years | ||
| INE Security | eJPT | eLearnSecurity Certified Junior Penetration Tester | Penetration Testing | No expiration | N/A |
| eCPPT | eLearnSecurity Certified Professional Penetration Tester | Penetration Testing | No expiration | N/A | |
| eWPT | eLearnSecurity Web Application Penetration Tester | Penetration Testing | No expiration | N/A | |
| eMAPT | eLearnSecurity Mobile Application Penetration Tester | Penetration Testing | No expiration | N/A | |
| eCPTX | eLearnSecurity Certified Penetration Tester eXtreme | Penetration Testing | No expiration | N/A | |
| eCIR | eLearnSecurity Certified Incident Response Professional | Incident Response | No expiration | N/A | |
| eCXD | eLearnSecurity Exploit Development | Penetration Testing | No expiration | N/A | |
| eNDP | eLearnSecurity Network Defense Professional | Network Security | No expiration | N/A | |
| eCRE | eLearnSecurity Certified Reverse Engineer | Malware Analysis | No expiration | N/A | |
| eCTHP | eLearnSecurity Certified Threat Hunting Professional | Threat Hunting | No expiration | N/A | |
| eCMAP | eLearnSecurity Certified Malware Analysis Professional | Malware Analysis | No expiration | N/A | |
| eWDP | eLearnSecurity Web Defense Professional | Web Defense | No expiration | N/A | |
| eCDFP | eLearnSecurity Certified Digital Forensics Professional | Digital Forensics | No expiration | N/A | |
| CREST | CPSA | CREST Practitioner Security Analyst | Penetration Testing | 3 Years | N/A |
| CRT | CREST Registered Penetration Tester | Penetration Testing | 3 Years | N/A | |
| CCT App | CREST Certified Web Application Tester | Penetration Testing | 3 Years | N/A | |
| CCT Inf | CREST Certified Infrastructure Tester | Penetration Testing | 3 Years | N/A | |
| CCSAS | CREST Certified Simulated Attack Specialist | Attack Simulation | 3 Years | N/A | |
| CCSAM | CREST Certified Simulated Attack Manager | Attack Simulation | 3 Years | N/A | |
| CCWS | CREST Certified Wireless Specialist | Wireless security | 3 Years | N/A | |
| CPTIA | CREST Practitioner Threat Intelligence Analyst | Threat Intelligence | 3 Years | N/A | |
| CRTIA | CREST Registered Threat Intelligence Analyst | Threat Intelligence | 3 Years | N/A | |
| CCTIM | CREST Certified Threat Intelligence Manager | Threat Intelligence | 3 Years | N/A | |
| CPIA | CREST Practitioner Intrusion Analyst | Security Analysis | 3 Years | N/A | |
| CRIA | CREST Registered Intrusion Analyst | Security Analysis | 3 Years | N/A | |
| CCNIA | CREST Certified Network Intrusion Analyst | Security Analysis | 3 Years | N/A | |
| CCHIA | CREST Certified Host Intrusion Analyst | Security Analysis | 3 Years | N/A | |
| CCMRE | CREST Certified Malware Reverse Engineer | Malware Analysis | 3 Years | N/A | |
| CCIM | CREST Certified Incident Manager | Incident Response | 3 Years | N/A | |
| CRTSA | CREST Registered Technical Security Architect | Security Architecture | 3 Years | N/A | |
| InfoSec Institute | CCFE | Certified Computer Forensics Examiner | Forensics | 4 years | N/A |
| CCTHP | Certified Cyber Threat Hunting Professional | Threat Hunting | 4 years | N/A | |
| CDRP | Certified Data Recovery Professional | Disaster Recovery | 4 years | N/A | |
| CEPT | Certified Expert Penetration Tester | Penetration Testing | 4 years | N/A | |
| CEREA | Certified Expert Reverse Engineering Analyst | Malware Analysis | 4 years | N/A | |
| CMWAPT | Certified Mobile and Web Application Penetration Tester | Penetration Testing | 4 years | N/A | |
| CMFE | Certified Mobile Forensics Examiner | Forensics | 4 years | N/A | |
| CPT | Certified Penetration Tester | Penetration Testing | 4 years | N/A | |
| CRTOP | Certified Red Team Operations Professional | Red Teaming | 4 years | N/A | |
| CREA | Certified Reverse Engineering Analyst | Malware Analysis | 4 years | N/A | |
| CSSA | Certified SCADA Security Architect | Critical Infrastructure Security | 4 years | N/A | |
| CSAP | Certified Security Awareness Practitioner | Security Awareness | 4 years | N/A | |
| Cyber Struggle[ notability? ] | CSAE | Cyber Struggle Aegis | Security Analysis | No expiration | N/A |
| CSR | Cyber Struggle Ranger | Red Teaming | No expiration | N/A | |
| CSTPO | Cyber Struggle Tactical Pistol Operator | Tactical fire gun shooting | No expiration | N/A | |
| Linux Professional Institute (LPI) | SecE | Linux Professional Institute Security Essentials | General Cyber Security | No expiration [23] | N/A |
| LPIC-3 Security | Linux Professional Institute LPIC-3 Security | IT-Administration | 5 years [24] | N/A | |
| Mile2 | C)SA1 | Certified Security Awareness 1 | Security Awareness | 3 Years | N/A |
| C)SA2 | Certified Security Awareness 2 | Security Awareness | 3 Years | N/A | |
| C)SP | Certified Security Principles | General Cyber Security | 3 Years | N/A | |
| C)ISSO | Certified Information Systems Security Officer | Management | 3 Years | N/A | |
| IS20 | Information Security 20 Security Controls | General Cyber Security | 3 Years | N/A | |
| C)SLO | Certified Security Leadership Officer | Management | 3 Years | N/A | |
| C)VA | Certified Vulnerability Assessor | Vulnerability Management | 3 Years | N/A | |
| C)PEH | Certified Professional Ethical Hacker | Penetration Testing | 3 Years | N/A | |
| C)PTE | Certified Penetration Tester | Penetration Testing | 3 Years | N/A | |
| C)PTC | Certified Penetration Testing Consultant | Penetration Testing | 3 Years | N/A | |
| C)PSH | Certified PowerShell Hacker | Scripting | 3 Years | N/A | |
| C)IHE | Certified Incident Handling Engineer | Incident Response | 3 Years | N/A | |
| C)DFE | Certified Digital Forensic Examiner | Forensics | 3 Years | N/A | |
| C)VFE | Certified Virtualization Forensics Engineer | Forensics | 3 Years | N/A | |
| C)NFE | Certified Network Forensics Examiner | Forensics | 3 Years | N/A | |
| C)DRE | Certified Disaster Recovery Engineer | Disaster Recovery | 3 Years | N/A | |
| C)HISSP | Certified Healthcare Information Systems Security Professional | Healthcare | 3 Years | N/A | |
| C)ISMS-LA | Certified Information Security Management Systems Lead Auditor | Auditing | 3 Years | N/A | |
| C)ISMS-LI | Certified Information Security Management Systems Lead Implementer | Risk Management | 3 Years | N/A | |
| C)ISSA | Certified Information Security Systems Auditor | Auditing | 3 Years | N/A | |
| C)SWAE | Certified Secure Web Application Engineer | Application Security | 3 Years | N/A | |
| C)VCP | Certified Virtualization Principles | Virtualization | 3 Years | N/A | |
| C)VE | Certified Virtualization Engineer | Virtualization | 3 Years | N/A | |
| C)CSO | Certified Cloud Security Officer | Cloud Security | 3 Years | N/A | |
| C)VSE | Certified Virtualization Systems Engineer | Virtualization | 3 Years | N/A | |
| C)ISSM | Certified Information Systems Security Manager | Management | 3 Years | N/A | |
| C)ISRM | Certified Information Systems Risk Manager | Risk Management | 3 Years | N/A | |
| ISCAP | Information Systems Certification & Accreditation Professional | Auditing | 3 Years | N/A | |
| C)SWAE | Certified Secure Web Application Engineer | Web Security | 3 Years | N/A | |
| C)ISS | Certified IPv6 Security Specialist | Network Security | 3 Years | N/A | |
| C)CSA | Certified Cybersecurity Analyst | Security Analysis | 3 Years | N/A | |
| C)CTA | Certified Cyber Threat Analyst | Security Analysis | 3 Years | N/A | |
| C)CTIA | Certified Cyber Threat Intelligence Analyst | Threat Intelligence | 3 Years | N/A | |
| ASIS International | CPP | Certified Protection Professional | Management | 3 Years | N/A |
| APP | Associate Protection Professional | Management | 3 Years | N/A | |
| PCI | Professional Certified Investigator | Forensics | 3 Years | N/A | |
| PSP | Physical Security Professional | Physical Security | 3 Years | N/A | |
| SABSA | SABSA-SCF | SABSA Chartered Security Architect – Foundation Certificate | Security Architecture | 3 Years | N/A |
| SABSA-SCP | SABSA Chartered Security Architect – Practitioner Certificate | Security Architecture | 3 Years | N/A | |
| SABSA-SCM | SABSA Chartered Security Architect – Master Certificate | Security Architecture | 3 Years | N/A | |
| APMG International | ISO/IEC 27001-F | ISO/IEC 27001 Foundation | Standards | No expiration | N/A |
| ISO/IEC 27001-P ISO | ISO/IEC 27001 Practitioner - Information Security Officer | Standards | No expiration | N/A | |
| NCSP-F | NIST Cyber Security Professional Foundation | Standards | No expiration | N/A | |
| NCSP-P | NIST Cyber Security Professional Practiioner | Standards | No expiration | N/A | |
| EXIN | PDP-E | EXIN Privacy & Data Protection Essentials | Privacy | No expiration | N/A |
| PDP-F | EXIN Privacy & Data Protection Foundation | Privacy | No expiration | N/A | |
| PDP-P | EXIN Privacy and Data Protection Practitioner | Privacy | No expiration | N/A | |
| CIT-F | EXIN Cyber & IT Security Foundation | General Cyber Security | No expiration | N/A | |
| CEF | EXIN Ethical Hacking Foundation | Penetration Testing | No expiration | N/A | |
| ISO/IEC 27001-F | EXIN Information Security Management ISO27001 Foundation | Standards | No expiration | N/A | |
| ISO/IEC 27001-P | EXIN Information Security Management ISO27001 Professional | Standards | No expiration | N/A | |
| ISO/IEC 27001-E | EXIN Information Security Management ISO27001 Expert | Standards | No expiration | N/A | |
| SP-F | EXIN Secure Programming Foundation | Software Development | No expiration | N/A | |
| IBITGQ | EU GDPR F | Certified EU General Data Protection Regulation Foundation | Standards | No expiration | N/A |
| EU GDPR P | Certified EU General Data Protection Regulation Practitioner | Standards | No expiration | N/A | |
| C-DPO | Certified Data Protection Officer | Privacy | No expiration | N/A | |
| C BS PIMS LI | Certified BS 10012 PIMS Lead Implementer | Standards | No expiration | N/A | |
| CCPA F | California Consumer Privacy Act Foundation | Privacy | No expiration | N/A | |
| C IDP F | Certified Introduction to Data Protection | Privacy | No expiration | N/A | |
| CIS F | Certified ISO 27001 ISMS Foundation | Standards | No expiration | N/A | |
| CIS LI | Certified ISO 27001 ISMS Lead Implementer | Standards | No expiration | N/A | |
| CIS LA | Certified ISO 27001 ISMS Lead Auditor | Standards | No expiration | N/A | |
| CIS IA | Certified ISO 27001 ISMS Internal Auditor | Standards | No expiration | N/A | |
| CISRM | Certified ISO 27005 ISMS Risk Management | Standards | No expiration | N/A | |
| PCI IM | PCI DSS Implementation | Standards | No expiration | N/A | |
| CCRMP | Managing Cyber Security Risk | Management | No expiration | N/A | |
| CIRM F | Cyber Incident Response Management Foundation | Incident Response | No expiration | N/A | |
| C CR P | Certified Cyber Resilience Practitioner | Management | No expiration | N/A | |
| CITGP | Implementing IT Governance – Foundation & Principles | Management | No expiration | N/A | |
| C CS F | Certified Cyber Security Foundation | General Cyber Security | No expiration | N/A | |
| CertNexus | CFR | CyberSec First Responder | Incident Response | 3 Years | N/A |
| CIOTSP | Certified IoT Security Practitioner (CIoTSP) | IoT | 3 Years | N/A | |
| IRBIZ | Incident Response for Business Professionals | Incident Response | 3 Years | N/A | |
| CSC | Cyber Secure Coder | Software Development | 3 Years | N/A | |
| CYBERSAFE | CyberSAFE | End user security | 1 Year | N/A | |
| Lunarline | CEHT | Certified Expert Hunt Team | Threat Hunting | 3 Years | N/A |
| CECS | Certified Expert Cloud Security | Cloud Security | 3 Years | N/A | |
| CEIA | Certified Expert Independent Assessor | Auditing | 3 Years | N/A | |
| CEPM | Certified Expert Program Manager | Management | 3 Years | N/A | |
| CERP | Certified Expert RMF Professional | Management | 3 Years | N/A | |
| CESA | Certified Expert Security Analyst | Security Analysis | 3 Years | N/A | |
| McAfee Institute | CECI | Certified Expert in Cyber Investigations | Forensics | 2 Years | N/A |
| CCII | Certified Cyber Intelligence Investigator | Threat Intelligence | 2 Years | N/A | |
| CCIP | Certified Cyber Intelligence Professional | Threat Intelligence | 2 Years | N/A | |
| CSMIE | Certified Social Media Intelligence Expert | Threat Intelligence | 2 Years | N/A | |
| SMIA | Certified Social Media Intelligence Analyst | Threat Intelligence | 2 Years | N/A | |
| CCTA | Certified Counterintelligence Threat Analyst | Threat Intelligence | 2 Years | N/A | |
| CPCI | Certified Professional Criminal Investigator | Forensics | 2 Years | N/A | |
| CORCI | Certified Organized Retail Crime Investigator | Forensics | 2 Years | N/A | |
| CEL | Certified Executive Leader | Management | 2 Years | N/A | |
| CHTI | Certified Human Trafficking Investigator | Forensics | 2 Years | N/A | |
| CCFI | Certified Cryptocurrency Forensic Investigator | Forensics | 2 Years | N/A | |
| WVTS | Certified Workplace violence and threat specialist | Forensics | 2 Years | N/A | |
| C|OSINT | Certified in Open Source Intelligence | Threat Intelligence | 2 Years | N/A | |
| The IIA | CIA | Certified Internal Auditor | Auditing | 160,000+ | |
| CRMA | Certification in Risk Management Assurance | Risk Management | N/A | ||
| QIAL | Qualification in Internal Audit Leadership | Auditing | N/A | ||
| GAQM | CSST | Certified Software Security Tester | Software Development | No Expiration | N/A |
| CASST | Certified Advanced Software Security Tester | Software Development | No Expiration | N/A | |
| CISP | Certified Information Security Professional | General Cyber Security | 5 Years | N/A | |
| CISSM | Certified Information Systems Security Manager | Management | 5 Years | N/A | |
| CISST | Certified Information Systems Security Tester | Security Testing | No Expiration | N/A | |
| CPT | Certified Penetration Tester | Penetration Tester | No Expiration | N/A | |
| CFA | Certified Forensic Analyst | Forensics | No Expiration | N/A | |
| CPEH | Certified Professional Ethical Hacker | Penetration Tester | No Expiration | N/A | |
| ISO/IEC 27001-CIA | ISO 27001 ISMS Certified Internal Auditor | Auditing | No Expiration | N/A | |
| ISO/IEC 27001-27002-LA | ISO 27001-27002 Lead Auditor | Auditing | No Expiration | N/A | |
| ISO/IEC 27001-LA | ISO 27001:2013 ISMS Certified Lead Auditor | Auditing | No Expiration | N/A | |
| ISO/IEC 27001-F | ISO 27001:2013 ISMS Foundation | Standards | No Expiration | N/A | |
| ISO/IEC 27002-F | ISO 27002 Foundation | Standards | No Expiration | N/A | |
| ISO/IEC 27002-LI | ISO 27002 Lead Implementer | Standards | 4 Years | N/A | |
| ISO/IEC 31000-LRM | ISO 31000 Certified Lead Risk Manager | Standards | No Expiration | N/A | |
| ISECOM | OPSA | OSSTMM Professional Security Analyst | Security Analyst | No Expiration | N/A |
| OPST | OSSTMM Professional Security Tester | Penetration Tester | No Expiration | N/A | |
| OPSE | OSSTMM Professional Security Expert | General Cyber Security | No Expiration | N/A | |
| OWSE | OSSTMM Wireless Security Expert | Penetration Tester | No Expiration | N/A | |
| CTA | OSSTMM Certified Trust Analyst | Trust Management | No Expiration | N/A | |
| SAI | Certified Security Awareness Instructor | Cyber Security Trainer | No Expiration | N/A | |
| CHA | Certified Hacker Analyst | Penetration Tester | No Expiration | N/A | |
| CHAT | Certified Hacker Analyst Trainer | Cyber Security Trainer | No Expiration | N/A | |
| HISPI | HISP | Holistic Information Security Practitioner | General Cyber Security | 3 Years | N/A |
| Blockchain Training Alliance | CBSP | Certified Blockchain Security Professional | Blockchain | 2 Years | N/A |
| Crypto Consortium | CCSSA | CryptoCurrency Security Standard Auditor | Blockchain | - | N/A |
| The Open Group | OG0-041 | Open FAIR Foundation | Risk Management | - | N/A |
| TOGAF9-F | TOGAF 9 Foundation | Security Architecture | - | N/A | |
| TOGAF9-C | TOGAF 9 Certified | Security Architecture | - | N/A | |
| TCM Security | PJPT | Practical Junior Penetration Tester | Penetration Tester | No expiration | N/A |
| PNPT | Practical Network Penetration Tester | Penetration Tester | No expiration | N/A | |
| PCRP | Practical Career-Ready Professional | Penetration Tester | No expiration | N/A | |
| PJMR | Practical Junior Malware Researcher | Malware Analysis | No expiration | N/A | |
| PJMT | Practical Junior Mobile Tester | Penetration Tester | No expiration | N/A | |
| PJWT | Practical Junior Web Tester | Penetration Tester | No expiration | N/A | |
| Star Certification | SCSU | Star Cyber Secure User | Security Awareness | 3 years [25] | N/A |
| EHE | Star Certified Ethical Hacking Expert | Penetration Testing | 3 years [26] | N/A | |
| SESS | Star Expert Security Specialist | Penetration Testing | 3 years [27] | N/A | |
| SMFAS | Star Mobile Forensic and Advance Security | Forensics | 3 years [28] | N/A | |
| SPTE | Star Penetration Tester Experts [29] | Penetration Testing | 3 years [30] | N/A | |
| SSCA | Star Secure Cyber Analytics | Penetration Testing | 3 years [31] | N/A | |
| SFICH-007 | Star Forensic investigator in Computer Hacking-007 | Forensics | 3 years [32] | N/A | |
| SSPE.Net | Star Secure Programmer Expert- .Net | Software Development | 3 years [33] | N/A | |
| SSPE-Java | Star Secure Programmer Expert- Java | Software Development | 3 years [34] | N/A | |
| SSPE-Android | Star Secure Programmer Expert- Android | Software Development | 3 years [35] | N/A | |
| SSPE-PHP | Star Secure Programmer Expert- PHP | Software Development | 3 years [36] | N/A | |
| Zero-Point Security | CRTO | Certified Red Team Operator | Red Teaming | N/A | N/A |
| CRTL | Certified Red Team Lead | Red Teaming | N/A | N/A | |
| EC First | CCSA | Certified Cyber Security Architect | Security Architecture | 3 years | N/A |
| CSCS | Certified Security Compliance Specialist | Risk/Compliance | 3 years | N/A | |
| CMMP | Certified CMMC Professional | Standards | 3 years | N/A | |
| CWNP | CWS | Certified Wireless Specialist | Wireless Security | 3 years | N/A |
| Hack the box (HTB) | CBBH | Certified Bug Bounty Hunter | No expiration | N/A | |
| CPTS | Certified Penetration Testing Specialist | Penetration Testing | No expiration | N/A | |
| CDSA | Certified Defensive Security Analyst | Security Analyst | No expiration | N/A | |
| CWEE | Certified Web Exploitation Expert | Penetration Testing | No expiration | N/A |
| Issuing Organization | Credential Abbreviation | Certification Title | Focus | Validity duration | Number issued |
|---|---|---|---|---|---|
| Cisco | CCNA Security | Cisco Certified Network Associate - Security | Network Security | 3 years [37] | |
| CCNA CyberOps | Cisco Certified Network Associate - CyberOps | Network Security | 3 years [37] | ||
| CCNP Security | Cisco Certified Network Professional - Security | Network Security | 3 years [37] | ||
| CCIE Security | Cisco Certified Internetwork Expert - Security | Network Security | 3 years [37] | 2062 [38] | |
| Check Point | CCSA | Check Point Certified Security Administrator | Network Security | ||
| CCSE | Check Point Certified Security Expert | Network Security | |||
| Kali | KLCP | Kali Linux Certified Professional | Penetration Testing | No expiration | N/A |
| IBM | - | IBM Certified Deployment Professional - Security Access Manager V9.0 | Access Control | ||
| - | IBM Certified Associate Administrator - Security Guardium Data Protection V10.1.2 | Data Protection | |||
| - | IBM Certified Administrator - Security Guardium V10.0 | Data Protection | |||
| - | IBM Certified Deployment Professional - Identity Governance and Intelligence V5.2 | Access Control | |||
| - | IBM Certified Analyst - i2 Analysts Notebook V9 | Threat Intelligence | |||
| - | IBM Certified SOC Analyst - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
| - | IBM Certified Associate Analyst - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
| - | IBM Certified Associate Administrator - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
| - | IBM Certified Deployment Professional - IBM QRadar SIEM V7.3.2 | Threat Intelligence | |||
| - | IBM Certified Deployment Professional - Security Identity Governance and Intelligence V5.2.5 | Access Control | |||
| Microsoft | AZ-500 | Microsoft Certified: Azure Security Engineer Associate | Cloud Security | 1 year * [39] | |
| MS-500 | Microsoft 365 Certified: Security Administrator Associate | Cloud Security | 1 year * [39] | ||
| SC-100 | Microsoft Certified: Cybersecurity Architect Expert | Security Architect | 1 year * [39] | ||
| SC-200 | Microsoft Certified: Security Operations Analyst Associate | SIEM | 1 year * [39] | ||
| SC-300 | Microsoft Certified: Identity and Access Administrator Associate | IAM | 1 year * [39] | ||
| SC-400 | Microsoft Information Protection Administrator | Risk/Compliance | 1 year * [39] | ||
| SC-900 | Microsoft Certified: Security, Compliance, and Identity Fundamentals | Fundamentals | No expiration [40] | ||
| AWS | - | AWS Certified Security - Specialty | Cloud Security | ||
| - | Google Professional Cloud Security Engineer | Cloud Security | |||
| Jamf | JCESA | Jamf Certified Endpoint Security Admin | macOS Security | ||
| Alibaba | ACA | ACA Cloud Security Certification | Cloud Security | ||
| ACP | ACP Cloud Security Certification | Cloud Security | |||
| ACE | ACE Cloud Security Expert | Cloud Security | |||
| Red hat | EX415 | Red Hat Certified Specialist in Security: Linux | IT-Administration | ||
| EX425 | Red Hat Certified Specialist in Security: Containers and OpenShift Container | IT-Administration | |||
| OpenText | EnCE | EnCase Certified Examiner | Forensics | ||
| EnCEP | EnCase Certified eDiscovery Practitioner | Forensics | |||
| CFSR | EnCase Certified Forensic Security Responder | Forensics | |||
| Fortinet | NSE 1/2/3 | Network Security Professional Associate | vendor-specific products | 2 years [41] | |
| NSE 4 | Network Security Professional | firewalls | 2 years [41] | ||
| NSE 5 | Network Security Analyst | administration | 2 years [41] | ||
| NSE 6 | Network Security Specialist | vendor-specific products | 2 years [41] | ||
| NSE 7 | Network Security Architect | firewalls | 2 years [41] | ||
| NSE 8 | Network Security Expert | firewalls | 2 years | ||
| Juniper | JNCIA-SEC | Juniper Networks Certified Associate | Network Security | 3 years | |
| JNCIS-SEC | Juniper Networks Certified Specialist | Network Security | 3 years | ||
| JNCIP-SEC | Juniper Networks Certified Professional | Network Security | 3 years | ||
| JNCIE-SEC | Juniper Networks Certified Expert | Network Security | 3 years | ||
| JNCDS-SEC | Juniper Networks Certified Design Specialist Security | Network Security | 3 years | ||
| Palo Alto | PCNSA | Palo Alto Networks Certified Network Security Administrator | Network Security | ||
| PCNSE | Palo Alto Networks Certified Network Security Engineer | Network Security | |||
| PCCET | Palo Alto Networks Certified Cybersecurity Entry-level Technician | General Cyber Security | |||
| PCDRA | Palo Alto Networks Certified Detection and Remediation Analyst | Network Security | |||
| PCCSE | Palo Alto Networks Prisma Certified Cloud Security Engineer | Cloud Security | |||
| PCSAE | Palo Alto Networks Certified Security Automation Engineer | Threat Intelligence | |||
| Symantec, (since 2015 NortonLifeLock ) | 250-215 | Administration of Symantec Messaging Gateway 10.6 | Network Security | ||
| 250-420 | Administration of Symantec VIP (March 2017) | Network Security | |||
| 250-426 | Administration of Symantec Data Center Security - Server Advanced 6.7 | Network Security | |||
| 250-428 | Administration of Symantec Endpoint Protection 14 | Network Security | |||
| 250-430 | Administration of Blue Coat ProxySG 6.6 | Network Security | |||
| 250-433 | Administration of Blue Coat Security Analytics 7.2 | Network Security | |||
| 250-438 | Administration of Symantec Data Loss Prevention 15* | Network Security | |||
| 250-440 | Administration of Symantec PacketShaper 11.9.1* | Network Security | |||
| 250-441 | Administration of Symantec Advanced Threat Protection 3.0* | Network Security | |||
| 251/250-443 | Administration of Symantec CloudSOC - R2* | Network Security | |||
| 250-444 | Administration of Symantec Secure Sockets Layer Visibility 5.0* | Network Security | |||
| 250-445 | Administration of Symantec Email Security.cloud - v1* | Network Security | |||
| 251/250-446 | Administration of Symantec Web Security Service (WSS) - R1* | Network Security | |||
| 251/250-447 | Administration of Symantec Client Management Suite 8.5* | Network Security | |||
| 251/250-551 | Administration of Symantec Endpoint Detection and Response 4.1* | Network Security | |||
| 250-556 | Administration of Symantec ProxySG 6.7* | Network Security |
Microsoft 1 year *: you have to do a free refresh exam within 180 days before expiration. if not done, the certificate expire otherwise it extends by 1 year.
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing. The information security courses are developed through a consensus process involving administrators, security managers, and information security professionals. The courses cover security fundamentals and technical aspects of information security. The institute has been recognized for its training programs and certification programs. Per 2021, SANS is the world’s largest cybersecurity research and training organization. SANS is an acronym for SysAdmin, Audit, Network, and Security.
CISSP is an independent information security certification granted by the International Information System Security Certification Consortium, also known as ISC2.
Global Information Assurance Certification (GIAC) is an information security certification entity that specializes in technical and practical certification as well as new research in the form of its GIAC Gold program. SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked by The Escal Institute of Advanced Technologies.
ISACA is an international professional association focused on IT governance. On its IRS filings, it is known as the Information Systems Audit and Control Association, although ISACA now goes by its acronym only. ISACA currently offers 8 certification programs, as well as other micro-certificates.
A computer repair technician is a person who repairs and maintains computers and servers. The technician's responsibilities may extend to include building or configuring new hardware, installing and updating software packages, and creating and maintaining computer networks.
The following outline is provided as an overview of and topical guide to information technology:
The Certified Internet Web Professional (CIW) education program was created by a community of Web designers and developers in the late 1990s. The company that currently owns CIW, Certification Partners, offers books, on-line learning and high-stakes exams. Third-party companies also sell CIW preparation material.
Corey Schou is University Professor of Informatics and Associate Dean at Idaho State University, director of the National Information Assurance Training and Education Center (NIATEC) and the Simplot Decision Support Center (SDSC), and for ten years the chair of the Colloquium for Information Systems Security Education (CISSE).
Robert Michael Slade, also known as Robert M. Slade and Rob Slade, is a Canadian information security consultant, researcher and instructor. He is the author of Robert Slade's Guide to Computer Viruses, Software Forensics, Dictionary of Information Security and co-author of Viruses Revealed. Slade is the author of thousands of technical book reviews, today published on the techbooks mailing list and in the RISKS Digest, and archived in his Internet Review Project. An expert on computer viruses and malware, he is also the Mr. Slade of "Mr. Slade's lists".
The Institute for the Certification of Computing Professionals (ICCP) is a non-profit institution for professional certification in the Computer engineering and Information technology industry. It was founded in 1973 by 8 professional computer societies to promote certification and professionalism in the industry, lower the cost of development and administration of certification for all of the societies and act as the central resource for job standards and performance criteria.
Michael Gregg is an American computer security specialist, businessman, author and co-author of several books, including Build Your Own Network Security Lab and Inside Network Security Assessment. He has also served as an expert witness before a congressional committee on cyber security and identity theft.
The Computing Technology Industry Association, more commonly known as CompTIA, is an American non-profit trade association that issues professional certifications for the information technology (IT) industry. It is considered one of the IT industry's top trade associations.
Kaplan IT Training, formerly Transcender, provides IT certification practice exams, practice labs, and online learning courses. Kaplan IT Training offers test preparation solutions that are used by IT professionals to improve their technical skills and prepare for industry certification exams, including
Boris Loza is the founder of SafePatrol Solutions and Tego Systems, as well as a Certified Information Systems Security Professional (CISSP). He was born in Krasnodar, Russia, where he attained a Master's degree at the age of 22 and a PhD at the age of 26, both in Computer Science and Cybernetics. While still living in the former USSR, Loza published more than 30 scientific articles, as well as secured one patent. Upon relocating to Canada in 1996, his PhD was confirmed by the Higher Attestation Committee of The University of Toronto.
The International Information System Security Certification Consortium, or ISC2, is a non-profit organization which specializes in training and certifications for cybersecurity professionals. It has been described as the "world's largest IT security organization". The most widely known certification offered by ISC2 is the Certified Information Systems Security Professional (CISSP) certification.
Eric Vanderburg is an American cyber security, storage networking and information technology professional and writer living in Cleveland, Ohio.
Microsoft Certified Professional was a certification program from Microsoft.
Stephen Cobb is an expert on security, privacy, and the risks related to digital technology.
Brigadier GeneralGregory (Greg) J. Touhill is Director of the world renowned Carnegie Mellon University Software Engineering Institute’s CERT Division. Previously, he was the president of AppGate Federal Group . He was previously appointed by President Barack Obama as the first Federal Chief Information Security Officer of the United States, stepping down in January, 2017. He was previously the Deputy Assistant Secretary, Office of Cybersecurity and Communications, National Programs and Protection Directorate, Department of Homeland Security. While at DHS he concurrently served as Director of the National Cybersecurity and Communications Integration Center (NCCIC) during 2014–2015.
William "Chuck" Easttom II is an American computer scientist specializing in cyber security, cryptography, quantum computing, and systems engineering.
