Career Certs


Home   |   Quote View   |   Card View


Choosing which certification depends on your priorities in career, interests and goals that change throughout your life. Working in Cyber Security is all about being in practice. It is important we maintain and keep sharpening ourselves as practitioners. Remember to instill passion for learning. Passion makes difficulties smooth and make your pursuit journey more rewarding.

Loading... Please wait..

Click on your desired block to jump right to that section.

FAQs  RedTeam  Pentest - Cloud & DevSecOps  Security - Cloud & DevSecOps  Security - FinTech  PenTest - Infra  PenTest - Wireless  PenTest - App - Web  PenTest - App - Mobile  Exploit Development  Reverse Engineering  Defense - Data  Defense - Software  Defense - Architecture  Defense - Threat Intelligence  Defense - Threat Hunting  Defense - Enterprise  Defense - Forensics  Defense - Incident Response  Industrial Control System  Management - Security  Governance  Vendor Specific  Providers  




Q: Which cert should I take? -

A: Focus on most recognized certs first. If less known ones supports your learning goal, you can take them too.


Q: Should I keep renewing certs? -

A: Depending on job sectors you're working now or will be working in future.


Q: Should I take all certs? -

A: If you enjoy taking them all, it's your personal choice but never take them just to show off.


Q: Should I invest in expensive cert like SANS?

A: Whether a thing is worth depends on how you value it or how it is beneficial to your professional/personal hobby projects.





RedTeam



Offensive Security Experienced Penetration Tester (OSEP)

ELearnSecurity Penetration Tester Xtreme (eCPTx)

Pentester Academy Certified Red Teaming Expert (CRT Expert)

Pentester Academy Certified Red Teaming Professional (CRT Pro)

Pentester Academy Certified Enterprise Security Specialist (PACES)

CREST Certified Simulated Attack Specialist (CCSAS)

CREST Certified Simulated Attack Manager (CCSAM)

ZeroPointSecurity - Certified Red Team Ops - https://www.zeropointsecurity.co.uk/

Mossé Cyber Security Institute - Certified Red Teamer

Certified Red Team Operations Professional (CRTOP) - https://www.iacertification.org/crtop_certified_red_team_operations_professional.html




Pentest - Cloud & DevSecOps



GIAC Cloud Penetration Tester (GCPN) - https://www.sans.org/cyber-security-courses/cloud-penetration-testing/

Pentester Academy Container Security Professional (PACOSP)

Pentester Academy Cloud Security Professional (PACSP)




Security - Cloud & DevSecOps



Microsoft Certified: Azure Security Engineer Associate

AWS Certified Security - Specialty

Certified DevSecOps Professional - https://www.practical-devsecops.com

Certified DevSecOps Expert - https://www.practical-devsecops.com

DevSecOps Foundation (DSOF) - https://www.practical-devsecops.com

Certified DevSecOps Architect - https://www.practical-devsecops.com

Certified DevSecOps Leader - https://www.practical-devsecops.com

Alibaba Cloud Certified Professional - Security

Alibaba Cloud Certified Associate - Security

DevOps certifications - https://devopsinstitute.com/

AWS DevOps - https://aws.amazon.com/certification/certification-prep/

Certified Kubernetes Security Specialist (CKS) - https://www.cncf.io/certification/cks/




Security - FinTech



Certified Blockchain Security Professional - https://blockchaintrainingalliance.com/products/cbsp




PenTest - Infra



Offensive Security Certified Professional (OSCP) - latest revision: 2020

CREST Certified Infrastructure Tester (CCT - Infra)

CREST Registered Penetration Tester (CRT)

EC-Council Licensed Penetration Tester (LPT-Master)

ELearnSecurity Certified Professional Penetration Tester (eCPT)

GIAC Penetration Tester (GPEN)

Mile2 Certified Penetration Testing Consultant (CPTC)

Mile2 Certified Penetration Testing Engineer (CPTE)

Mossé Cyber Security Institute - Certified Penetration Tester




PenTest - Wireless



CREST Wireless Specialist

Offensive Security Wireless Professional (OSWP)

SANS GIAC Assessing and Auditing Wireless Networks (GAWN)

Pentester Academy WiFi Security Professional (PAWSP)




PenTest - App - Web



CREST Certified Web Application Tester (CCT - App)

GIAC Web Application Penetration Tester (GWAPT)

Offensive Security Web Expert (OSWE)

ELearnSecurity Web application Penetration Tester eXtreme (eWPTX)

ELearnSecurity Web application Penetration Tester (eWPT)




PenTest - App - Mobile



ELearnSecurity Mobile Application Penetration Tester (eMAPT)

GIAC Mobile Device Security Analyst (GMOB)




Exploit Development



ELearnSecurity Certified eXploit Developer (eCXD)

GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

GIAC Python Coder (GPYC)

Offensive Security Exploit Developer (OSED)

Offensive Security Exploitation Expert (OSEE)




Reverse Engineering



CREST Certified Malware Reverse Engineer

SANS GIAC Reverse Engineering Malware (GREM)

ELearnSecurity Certified Reverse Engineer




Defense - Data



Certified Data Privacy Solutions Engineer by ISACA

SECO Data Protection Officer - https://www.seco-institute.org/certifications/certified-data-proctection-officer-cdpo/




Defense - Software



EC-Council Certified Application Security Engineer (CASE) Java/.Net

EC-Council Certified Blockchain Professional (CBP)

EC-Council Certified Encryption Specialist (ECES)

ELearnSecurity Web Defense Professional

ISC2 - Certified Secure Software Lifecycle Professional

ISC2 .Net: Secure Software Practitioner

ISC2 Architect: Secure Software Practitioner

ISC2 iOS: Secure Software Practitioner (swift + ios)

ISC2 Java: Secure Software Practitioner

Mile2 Certified Secure Web Application Engineer

SANS GIAC Certified Web Application Defender (GWEB)

SANS GIAC Secure Software Programmer- .NET (GSSP-.NET)

SANS GIAC Secure Software Programmer-Java (GSSP-JAVA)




Defense - Architecture



CREST Certified Technical Security Architect

CREST Registered Technical Security Architect

GIAC Defensible Security Architecture (GDSA)




Defense - Threat Intelligence



CREST Certified Threat Intelligence Manager

CREST Registered Threat Intelligence Analyst

EC-Council Certified Threat Intelligence Analyst (C|TIA)

GIAC Cyber Threat Intelligence (GCTI)




Defense - Threat Hunting



ELearnSecurity Threat Hunting Professional

Mossé Cyber Security Institute - Certified Threat Hunter




Defense - Enterprise



CompTIA (CASP) Advanced Security Practitioner

CompTIA Cybersecurity Analyst+ (CSA+)

CREST Certified Intrusion Manager

EC-Council Advanced Network Defense

ELearnSecurity Network Defense Professional

GIAC Defending Advanced Threats (GDAT)

ISCA CSX Practitioner

Mossé Cyber Security Institute - Certified Blue Teamer

Mossé Cyber Security Institute - Certified Security Engineer

SANS Certified Intrusion Analyst

SANS Certified Perimeter Protection Analyst

SANS Certified UNIX Security Administrator

SANS Certified Windows Security Administrator

SANS GCCC (Critical Controls)

SANS GIAC Certified Enterprise Defender




Defense - Forensics



ACE: AccessData Certified Examiner

Certified Computer Examiner (CCE)

CFCE: Certified Forensic Computer Examiner

EC-Council CHFI: Computer Hacking Forensic Investigator

EnCe: EnCase Certified Examiner

GIAC Advanced Smartphone Forensics (GASF)

GIAC Certified Forensic Analyst (GCFA)

GIAC Certified Forensic Examiner (GCFE)

GIAC Network Forensic Analyst (GNFA)

GIAC Reverse Engineering Malware (GREM)




Defense - Incident Response



CREST Certified Host Intrusion Analyst

CREST Certified Incident Manager

CREST Certified Network Intrusion Analyst

CREST Practitioner Intrusion Analyst

CREST Registered Intrusion Analyst

CyberSec First Responder: Threat Detection and Response

EC-Council CERTIFIED SOC ANALYST (CSA)

ELearnSecurity Certified Incident Responder

GIAC Continuous Monitoring Certification (GMON)

SANS Certified Detection Analyst

SANS GIAC Certified Incident Handler




Industrial Control System



SANS GIAC Critical Infrastructure Protection

SANS GIAC Global Industrial Cyber Security Professional

SANS GIAC Response and Industrial Defense




Management - Security



CSA Certificate of Cloud Security Knowledge (CCSK)

EC-Council - C|CISO (Chief Information Security Officer)

GIAC Information Security Professional (GISP)

ISC2 Certified Cloud Security Professional (CCSP)

ISC2 Certified Information Systems Security Professional (CISSP)

ISC2 Healthcare Security Certification (HCISPP)

ISC2 Information Systems Security Architecture Professional (CISSP-ISSAP)

ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP)

ISC2 Information Systems Security Management Professional (CISSP-ISSMP)

Mile2 Certified Cloud Security Officer (CSO)

Mile2 Certified Information Systems Security Officer (CISSO)

Mile2 Certified Security Leadership Officer (CSLO)

SANS GIAC Certified Project Manager (GCPM)

SANS GIAC Security Leadership (GSLC) - MGT512

SANS GIAC Strategic Planning, Policy, and Leadership (GSTRT) MGT514

SECO CISO - https://www.seco-institute.org/certifications/ciso/




Governance



ISACA Certified in Risk and Information Systems Control (CRISC)

ISACA Certified in the Governance of Enterprise IT (CGEIT)

ISACA Certified Information Security Manager (CISM)

ISACA Certified Information Systems Auditor (CISA)

SANS GIAC Legal Law of Data Security & Investigations (GLEG)




Vendor Specific



AWS Certified Security - Specialty

Cisco Security Certification (CyberOPS, Security Tracks)

Microsoft Certified Azure Security Technologies (Associate)




Providers



CompTIA

CREST

EC-Council

ELearnSecurity

International Society of Forensic Computer Examiners, also known as ISFCE

ISACA

ISC2

Mile2

Mossé Cyber Security Institute

Offensive Security

Pentester Academy

Professional Certified Investigator (PCI)

SANS / GIAC