Career Certs

These are my personal notes. Read them at your own risks!
I'm not responsible for potential wrong assumptions, ideas, philosophies and practices.

Career Certs
Home | Paragraph View | Card View

Choosing which certification depends on your priorities in career, interests and goals that change throughout your life. Working in Cyber Security is all about being in practice. It is important we maintain and keep sharpening ourselves as practitioners. Remember to instill passion for learning. Passion makes difficulties smooth and make your pursuit journey more rewarding.

Loading... Please wait..

FAQs

“ Q: Which cert should I take? -

A: Focus on most recognized certs first. If less known ones supports your learning goal, you can take them too. ”

“ Q: Should I keep renewing certs? -

A: Depending on job sectors you're working now or will be working in future. ”

“ Q: Should I take all certs? -

A: If you enjoy taking them all, it's your personal choice but never take them just to show off. ”

“ Q: Should I invest in expensive cert like SANS?

A: Whether a thing is worth depends on how you value it or how it is beneficial to your professional/personal hobby projects. ”

RedTeam

“ Offensive Security Experienced Penetration Tester (OSEP) ”

“ ELearnSecurity Penetration Tester Xtreme (eCPTx) ”

“ Pentester Academy Certified Red Teaming Expert (CRT Expert) ”

“ Pentester Academy Certified Red Teaming Professional (CRT Pro) ”

“ Pentester Academy Certified Enterprise Security Specialist (PACES) ”

“ CREST Certified Simulated Attack Specialist (CCSAS) ”

“ CREST Certified Simulated Attack Manager (CCSAM) ”

“ ZeroPointSecurity - Certified Red Team Ops - https://www.zeropointsecurity.co.uk/ ”

“ Mossé Cyber Security Institute - Certified Red Teamer ”

“ Certified Red Team Operations Professional (CRTOP) - https://www.iacertification.org/crtop_certified_red_team_operations_professional.html ”

Pentest - Cloud & DevSecOps

“ GIAC Cloud Penetration Tester (GCPN) - https://www.sans.org/cyber-security-courses/cloud-penetration-testing/ ”

“ Pentester Academy Container Security Professional (PACOSP) ”

“ Pentester Academy Cloud Security Professional (PACSP) ”

Security - Cloud & DevSecOps

“ Microsoft Certified: Azure Security Engineer Associate ”

“ AWS Certified Security - Specialty ”

“ Certified DevSecOps Professional - https://www.practical-devsecops.com ”

“ Certified DevSecOps Expert - https://www.practical-devsecops.com ”

“ DevSecOps Foundation (DSOF) - https://www.practical-devsecops.com ”

“ Certified DevSecOps Architect - https://www.practical-devsecops.com ”

“ Certified DevSecOps Leader - https://www.practical-devsecops.com ”

“ Alibaba Cloud Certified Professional - Security ”

“ Alibaba Cloud Certified Associate - Security ”

“ DevOps certifications - https://devopsinstitute.com/ ”

“ AWS DevOps - https://aws.amazon.com/certification/certification-prep/ ”

“ Certified Kubernetes Security Specialist (CKS) - https://www.cncf.io/certification/cks/ ”

Security - FinTech

“ Certified Blockchain Security Professional - https://blockchaintrainingalliance.com/products/cbsp ”

PenTest - Infra

“ Offensive Security Certified Professional (OSCP) - latest revision: 2020 ”

“ CREST Certified Infrastructure Tester (CCT - Infra) ”

“ CREST Registered Penetration Tester (CRT) ”

“ EC-Council Licensed Penetration Tester (LPT-Master) ”

“ ELearnSecurity Certified Professional Penetration Tester (eCPT) ”

“ GIAC Penetration Tester (GPEN) ”

“ Mile2 Certified Penetration Testing Consultant (CPTC) ”

“ Mile2 Certified Penetration Testing Engineer (CPTE) ”

“ Mossé Cyber Security Institute - Certified Penetration Tester ”

PenTest - Wireless

“ CREST Wireless Specialist ”

“ Offensive Security Wireless Professional (OSWP) ”

“ SANS GIAC Assessing and Auditing Wireless Networks (GAWN) ”

“ Pentester Academy WiFi Security Professional (PAWSP) ”

PenTest - App - Web

“ CREST Certified Web Application Tester (CCT - App) ”

“ GIAC Web Application Penetration Tester (GWAPT) ”

“ Offensive Security Web Expert (OSWE) ”

“ ELearnSecurity Web application Penetration Tester eXtreme (eWPTX) ”

“ ELearnSecurity Web application Penetration Tester (eWPT) ”

PenTest - App - Mobile

“ ELearnSecurity Mobile Application Penetration Tester (eMAPT) ”

“ GIAC Mobile Device Security Analyst (GMOB) ”

Exploit Development

“ ELearnSecurity Certified eXploit Developer (eCXD) ”

“ GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) ”

“ GIAC Python Coder (GPYC) ”

“ Offensive Security Exploit Developer (OSED) ”

“ Offensive Security Exploitation Expert (OSEE) ”

Reverse Engineering

“ CREST Certified Malware Reverse Engineer ”

“ SANS GIAC Reverse Engineering Malware (GREM) ”

“ ELearnSecurity Certified Reverse Engineer ”

Defense - Data

“ Certified Data Privacy Solutions Engineer by ISACA ”

“ SECO Data Protection Officer - https://www.seco-institute.org/certifications/certified-data-proctection-officer-cdpo/ ”

Defense - Software

“ EC-Council Certified Application Security Engineer (CASE) Java/.Net ”

“ EC-Council Certified Blockchain Professional (CBP) ”

“ EC-Council Certified Encryption Specialist (ECES) ”

“ ELearnSecurity Web Defense Professional ”

“ ISC2 - Certified Secure Software Lifecycle Professional ”

“ ISC2 .Net: Secure Software Practitioner ”

“ ISC2 Architect: Secure Software Practitioner ”

“ ISC2 iOS: Secure Software Practitioner (swift + ios) ”

“ ISC2 Java: Secure Software Practitioner ”

“ Mile2 Certified Secure Web Application Engineer ”

“ SANS GIAC Certified Web Application Defender (GWEB) ”

“ SANS GIAC Secure Software Programmer- .NET (GSSP-.NET) ”

“ SANS GIAC Secure Software Programmer-Java (GSSP-JAVA) ”

Defense - Architecture

“ CREST Certified Technical Security Architect ”

“ CREST Registered Technical Security Architect ”

“ GIAC Defensible Security Architecture (GDSA) ”

Defense - Threat Intelligence

“ CREST Certified Threat Intelligence Manager ”

“ CREST Registered Threat Intelligence Analyst ”

“ EC-Council Certified Threat Intelligence Analyst (C|TIA) ”

“ GIAC Cyber Threat Intelligence (GCTI) ”

Defense - Threat Hunting

“ ELearnSecurity Threat Hunting Professional ”

“ Mossé Cyber Security Institute - Certified Threat Hunter ”

Defense - Enterprise

“ CompTIA (CASP) Advanced Security Practitioner ”

“ CompTIA Cybersecurity Analyst+ (CSA+) ”

“ CREST Certified Intrusion Manager ”

“ EC-Council Advanced Network Defense ”

“ ELearnSecurity Network Defense Professional ”

“ GIAC Defending Advanced Threats (GDAT) ”

“ ISCA CSX Practitioner ”

“ Mossé Cyber Security Institute - Certified Blue Teamer ”

“ Mossé Cyber Security Institute - Certified Security Engineer ”

“ SANS Certified Intrusion Analyst ”

“ SANS Certified Perimeter Protection Analyst ”

“ SANS Certified UNIX Security Administrator ”

“ SANS Certified Windows Security Administrator ”

“ SANS GCCC (Critical Controls) ”

“ SANS GIAC Certified Enterprise Defender ”

Defense - Forensics

“ ACE: AccessData Certified Examiner ”

“ Certified Computer Examiner (CCE) ”

“ CFCE: Certified Forensic Computer Examiner ”

“ EC-Council CHFI: Computer Hacking Forensic Investigator ”

“ EnCe: EnCase Certified Examiner ”

“ GIAC Advanced Smartphone Forensics (GASF) ”

“ GIAC Certified Forensic Analyst (GCFA) ”

“ GIAC Certified Forensic Examiner (GCFE) ”

“ GIAC Network Forensic Analyst (GNFA) ”

“ GIAC Reverse Engineering Malware (GREM) ”

Defense - Incident Response

“ CREST Certified Host Intrusion Analyst ”

“ CREST Certified Incident Manager ”

“ CREST Certified Network Intrusion Analyst ”

“ CREST Practitioner Intrusion Analyst ”

“ CREST Registered Intrusion Analyst ”

“ CyberSec First Responder: Threat Detection and Response ”

“ EC-Council CERTIFIED SOC ANALYST (CSA) ”

“ ELearnSecurity Certified Incident Responder ”

“ GIAC Continuous Monitoring Certification (GMON) ”

“ SANS Certified Detection Analyst ”

“ SANS GIAC Certified Incident Handler ”

Industrial Control System

“ SANS GIAC Critical Infrastructure Protection ”

“ SANS GIAC Global Industrial Cyber Security Professional ”

“ SANS GIAC Response and Industrial Defense ”

Management - Security

“ CSA Certificate of Cloud Security Knowledge (CCSK) ”

“ EC-Council - C|CISO (Chief Information Security Officer) ”

“ GIAC Information Security Professional (GISP) ”

“ ISC2 Certified Cloud Security Professional (CCSP) ”

“ ISC2 Certified Information Systems Security Professional (CISSP) ”

“ ISC2 Healthcare Security Certification (HCISPP) ”

“ ISC2 Information Systems Security Architecture Professional (CISSP-ISSAP) ”

“ ISC2 Information Systems Security Engineering Professional (CISSP-ISSEP) ”

“ ISC2 Information Systems Security Management Professional (CISSP-ISSMP) ”

“ Mile2 Certified Cloud Security Officer (CSO) ”

“ Mile2 Certified Information Systems Security Officer (CISSO) ”

“ Mile2 Certified Security Leadership Officer (CSLO) ”

“ SANS GIAC Certified Project Manager (GCPM) ”

“ SANS GIAC Security Leadership (GSLC) - MGT512 ”

“ SANS GIAC Strategic Planning, Policy, and Leadership (GSTRT) MGT514 ”

“ SECO CISO - https://www.seco-institute.org/certifications/ciso/ ”

Governance

“ ISACA Certified in Risk and Information Systems Control (CRISC) ”

“ ISACA Certified in the Governance of Enterprise IT (CGEIT) ”

“ ISACA Certified Information Security Manager (CISM) ”

“ ISACA Certified Information Systems Auditor (CISA) ”

“ SANS GIAC Legal Law of Data Security & Investigations (GLEG) ”

Vendor Specific

“ AWS Certified Security - Specialty ”

“ Cisco Security Certification (CyberOPS, Security Tracks) ”

“ Microsoft Certified Azure Security Technologies (Associate) ”

Providers

“ CompTIA ”

“ CREST ”

“ EC-Council ”

“ ELearnSecurity ”

“ International Society of Forensic Computer Examiners, also known as ISFCE ”

“ ISACA ”

“ ISC2 ”

“ Mile2 ”

“ Mossé Cyber Security Institute ”

“ Offensive Security ”

“ Pentester Academy ”

“ Professional Certified Investigator (PCI) ”

“ SANS / GIAC ”

Career Certs Home | Paragraph View | Card View