Alternate format: Certifications in the field of cyber security - 2020 (PDF, 1 MB)
Foreword
The Certifications in the Field of Cyber Security is an UNCLASSIFIED publication. The guide provides information about many of the certifications available for prospective students and cyber security professionals. The intent is not to recommend any certification body or certification in particular, but to provide a listing of some of the different certifications that may help advance an individual’s career in the field of cyber security.
Information is sourced from the websites of the certification bodies referenced in this guide.
Disclaimer: The Communications Security Establishment does not endorse or recommend any of the certification bodies or certifications listed in this document. Information provided is intended to be a general summary of publicly available information and is provided for informational purposes only.
Revision history
Revision | Amendments | Date |
---|---|---|
1 | First release | November 2020 |
Table of contents
- 1.0 Introduction
- 2.0 Globally Recognized certifications bodies
- 3.0 Cyber Security certification listings and descriptions
List of Tables
- Table 1 CertNexus certification listing and descriptions
- Table 2 Cisco Systems certification listing and descriptions
- Table 3 CompTIA certification listing and descriptions
- Table 4 CREST certification listing and descriptions
- Table 5 CWNP certification listing and descriptions
- Table 6 EC Council certification listing and descriptions
- Table 7 GIAC certification listing and descriptions
- Table 8 (ISC)2 certification listing and descriptions
- Table 9 ISACA certification listing and descriptions
- Table 10 itSM Solutions certification listing and descriptions
- Table 11 McAfee Institute certification listing and descriptions
- Table 12 Offensive Security certification listing and descriptions
- Table 13 SECO Institute certification listing and descriptions
1.0 Introduction
There continues to be a growing demand for qualified cyber security professionals and practitioners in Canada and around the world. With the increasing need for cyber security professionals, the value of IT certification is also increasing. The right certification can give you an advantage over other job candidates. Organizations are looking for talent with superior training and real-world experience.
Obtaining a certification demonstrates to future employers that an individual is competent, skilled, and experienced in certain areas. Additionally, given the time and financial investment that many certifications require, some employers see certification as a measure of commitment to a career in the field.
Certifications are not only a great supplement to a professional’s other qualifications; it can also lead to a salary increase. According to a study conducted by Global Knowledge, an individual with a certification can earn up to 15% more than those without itFootnote 1. Furthermore, maintaining certification often requires meeting continuing education requirements, ensuring that certificate holders are keeping up to date on the latest technologies and can continue to keep their organizations safe from emerging cyber security threats.
1.1 The Canadian Centre for Cyber Security
The Canadian Centre for Cyber Security (Cyber Centre), a part of the Communications Security Establishment, was officially launched in October 2018. The Cyber Centre’s Academic Outreach and Engagement team works with universities, colleges, educational associations, education ministerial boards and private sector educators to build cyber security talent and capacity in Canada. The team also works with educators to enhance the community’s understanding of cyber security. Its mission is to ensure Canada is a global leader in cyber security by elevating cyber education.
1.2 Purpose
The primary audience for this guide is prospective cyber security students or professionals looking to advance their careers in the field. The guide highlights some of the more in-demand, globally recognized certifications offered by providers around the world. A complete list of certifications can be found at the end of the guide (Table 1 CertNexus certification listing and descriptions).
Disclaimer: The Communications Security Establishment does not endorse or recommend any of the certification bodies or certifications listed in this document. Information provided is intended to be a general summary of publicly available information and is provided for informational purposes only.
Every effort has been made to ensure accuracy of information, however, due to the dynamic nature of curricula and cyber security, this guide will be reviewed on a regular basis to ensure it reflects the most current certification offerings. New certifications and other suggested changes can be submitted by email to contact@cyber.gc.ca
2.0 Globally recognized certifications bodies
The following highlights some of the more popular and well-known cyber certifications available, in alphabetical order. A more comprehensive list of certifications can be found in the attached tables.
The Communications Security Establishment is not endorsing, supporting, or promoting any of the following certifications or certification bodies. This guide is solely for information purposes and should only be a starting point for anyone interested in obtaining a certification. We recommend that individuals do more in-depth research, while considering their own interests and career goals, time commitments and financial resources, before deciding which certification is right for them.
It should also be noted that while most of the certification bodies are American, their certifications are recognized around the world. Furthermore, candidates can find training through local providers, and many of the certification exams can be written at local testing centres, such as Pearson VUE, or taken online in your own home.
2.1 CertNexus
CertNexus offers certifications and micro-credentials in emerging technologies, such as Internet of Things, Artificial Intelligence, and human-machine interfaces. Their four cyber security certifications are valid for three years.
- The Certified First Responder (CRF) certificate validates the knowledge and skills required to protect critical information and systems before, during, and after an incident. It is DoD 8140 approved.
- Cyber Safe certification demonstrates that the holder can identify the most common risks involved in using mobile and cloud technologies, and to protect themselves and their organizations from cyber threats.
- Cyber Secure Coder (CSC) certificate holders have learned about the vulnerabilities that undermine security, identification, and remediation of those vulnerabilities, as well as strategies for dealing with security defects.
- The IRBIZ micro-credential is for IT leaders and executives who are responsible for complying with incident response legislation. Successfully completing the course and exam certifies that the candidate has the necessary skills to assess and respond to security threats, as well as operate a system and network security analysis platform.
A complete list of cyber security certifications offered by CertNexus can be found in Section 3.1.
2.2 Cisco Systems
Cisco Systems is a worldwide leader in networking hardware and solutions and most of today’s Internet traffic travels over Cisco-build network pathways. Obtaining one of their certifications demonstrates that you know how to work with Cisco solutions. There are five levels of certification in Cisco’s program:
- Entry: The starting point for individuals interested in starting a career as a networking professional.
- Associate: Individuals master the essentials needed to launch a career and expand job possibilities with the latest technologies.
- Professional: Individuals select a core technology track and a focused concentration exam to customize their professional level certification.
- Expert: Certification is accepted worldwide as the most prestigious certification in the technology industry.
- Architect: Demonstrates the architectural expertise of a network designer.
A complete list of cyber security certifications offered by Cisco Systems can be found in Section 3.2.
2.3 Computing Technology Industry Association
The Computing Technology Industry Association (CompTIA) issues certifications in over 120 countries with over 2.2 million recipients. The organization also releases 50 industry studies each year tracking trends and changes. They offer numerous certifications covering a wide range of IT fields, including cyber security, some of which are DoD approved to meet Directive 8140 requirements. The renewal process includes meeting continuing education requirements and paying the annual fees.
- CompTIA Advanced Security Practitioner (CASP+) is a performance-based certification for practitioners, rather than managers, at the advanced skill level of cyber security. CASP+ recipients have advanced-level knowledge of risk management, enterprise security operations and architecture, as well as research and collaboration.
- CompTIA Cyber Security Analyst (CySA+) certification is a security analyst certification that covers advanced persistent threats in a post-2014 cyber security environment. It validates one’s expertise in security analytics, intrusion detection, and response.
- CompTIA PenTest+ is for cyber security professionals who are responsible for penetration testing and vulnerability management. Certification holders have demonstrated their up-to-date hands-on ability and knowledge to test devices in new environments, like cloud or mobile, as well as traditional desktops and servers.
- CompTIA Security+ is an entry-level certification. Certificate holders are experts in threat management, cryptography, identity management, security systems, security risk identification and mitigation, network access control, and security infrastructure. Candidates must have 2 years’ experience in network security and have already obtained their Network+ certification.
A complete list of cyber security certifications offered by CompTIA can be found in Section 3.3.
2.4 Council for Registered Ethical Security Testers
The Council for Registered Ethical Security Testers (CREST) is a not for profit organization that provides internationally recognized certification and accreditation for companies and individuals. It has chapters in the UK, United States, Australia, Singapore, and Hong Kong. They provide examinations in Penetration Testing, Threat Intelligence, Incident Response, Security Architecture. The Incident Response has been approved by GCHQ. CREST exams have three levels of accreditation for individuals:
- Practitioner – Entry into profession
- Registered – Competent to work independently without supervision
- Certified – Technically competent to run major projects and teams
A complete list of cyber security certifications can be found in Section 3.4.
2.5 Certified Wireless Network Professionals
Certified Wireless Network Professionals (CWNP) is a vendor-neutral wireless LAN certification program. CWNP offers four levels of enterprise WLAN certifications, from novice to expert. Their certification programs prepare IT professionals and wireless LAN administrators to specify, design, and manage wireless LAN infrastructure and applications.
- Certified Wireless Network Expert (CWNE) is the highest-level certification in the CWNP program. Certificate holders have the most advanced skills available in today’s enterprise Wi-Fi market. Candidates must pass four certification exams, complete commercial wireless LAN deployments, provide three recommendations, meet experience and publication requirements, and pass a peer review by the CWNE Board of Advisors.
- Certified Wireless Security Professional (CWSP) is a professional level wireless LAN certification for the CWNP program that validates an individual’s ability to assess the vulnerability of a network and help prevent attacks before they happen, perform WLAN security audits and implement compliance monitoring solutions, and design a network’s security architecture. Candidates must obtain Certified Wireless Network Administrator (CWNA) certification before they can earn CWNP certification.
A complete list of cyber security certifications offered by CWNP can be found in Section 3.5.
2.6 EC Council
EC Council is a cyber security technical certification board and operates in 145 countries. It is endorsed by the US Government, National Security Agency, and the Committee on National Security Systems (CNSS).
- The Certified Ethical Hacker (ANSI) credential certifies one’s competence in the five phases of ethical hacking: reconnaissance, enumeration, gaining access, maintaining access, and covering tracks. Certification requires passing a 4-hour exam consisting of 125 questions.
- The Certified Ethical Hacker (Practical) designation targets the application of CEH skills to real-world security audit challenges and related scenarios. Candidates must complete a 6-hour exam featuring 20 case studies and obtain a 70% score.
- A Certified Ethical Hacker (Master) holds both the ANSI and Practical certifications.
- The Computer Hacking Forensics Investigator (CHFI) is another universally recognized certification that validates that the recipient is skilled in the areas of anti-hacking, digital forensics, and penetration testing.
- The Certified Network Defender (CND) certificate demonstrates a solid understanding of defensive security and the required expertise to secure data.
- The EC Council Disaster Recovery Professional (EDRP) certificate holders have the foundation for securing and resorting networks in the event of a disaster like malicious attacks.
- The Licensed Penetration Tester (LPT) certification is given only to those who have mastered cybersecurity techniques and is arguably the pinnacle of cybersecurity certifications.
A complete list of cyber security certifications offered by EC Council can be found in Section 3.6.
2.7 Global Information Assurance Certification
Global Information Assurance Certification (GIAC), founded by the SANS institute, specializes in technical and practical certification. Its certifications are linked to training courses provided by SANS and are recognized worldwide. Candidates for Expert Status certification are only required to pass an exam to obtain certification, which is valid for 4 years. To be eligible to renew at the end of the 4-year period, certificate holders must have 36 continuing education credits and pay the recertification fee or re-take the exam. Individuals wishing to pursue Gold Status certification must research and write a technical report or white paper. Gold Status indicates the holder has a deeper knowledge of a subject area.
- GIAC Security Essential Certification (GIAC) validates an individual’s knowledge information security beyond the simple terminology and concepts. Recipients are skilled in active defense, cryptography, security policy and plans, incident handling, securing networks, etc.
- GIAC Certified Intrusion Analyst (GCIA) validates a practitioner's knowledge of network and host monitoring, traffic analysis, and intrusion detection. Certificate holders are qualified to configure and monitor intrusion detection systems, and to analyze network traffic.
- GIAC Certified Incident Handler (GCIH) demonstrates one’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills. An individual with GCIH certification has a solid understanding of common cyber-attack techniques and how to defend against them.
A complete list of cyber security certifications offered by GIAC can be found in Section 3.7.
2.8 International Information Systems Security Certification Consortium
The International Information Systems Security Certification Consortium, or (ISC)2, is a non-profit member organization that provides support to members with credentials, resources, and leadership to address cyber, information, software, and infrastructure security. It is a large IT Security organization, with more than 140,000 members worldwide, almost 6,000 of which are Canadian.
(ISC)2 Certifications meet the US Department of Defense (DoD) Cyber Workforce Management directive (Directive 8140)Footnote 2. (ISC)2 offers one of the most popular cyber security certifications:
- Certified Information Systems Security Professional (CISSP) designation is often required for the most in-demand cyber security jobs and is considered the ‘gold standard’ of security certifications. Requirements for this advanced level certification include a minimum of 5 years of experience in at least two of (ICS)2’s eight common body of knowledge domains, or 4 years of experience and a college degree or approved credentials. Candidates are also required to pass a 3-hour written exam. Re-certification is required every 3 years. To recertify, candidates must earn 120 continuing professional education credits within the three-year cycle and pay an annual fee.
A complete list of cyber security certifications offered by (ISC)2 can be found in Section 3.8.
2.9 ISACA
ISACA, formerly known as the Information Systems Audit and Control Association, is an international professional association focused on IT governance. It has more than 140,000 members and professionals holding ISACA certifications in 180 countries. Its 200+ chapters provide members with training, and networking and resource sharing opportunities.
Candidates must pass written exams to obtain any of ISACA’s professional certifications, all of which are valid for three years. To maintain certification, credential holders are required to obtain at least 120 continuing professional education credits over the three-year period, and pay an annual membership fee, or re-take the exam. ISACA Cyber Security Certifications include the following:
- The Certified Information Security Manager (CISM) credential is aimed at leaders of Cyber Security teams, IT professionals responsible for managing, developing, and overseeing information security systems in enterprise-level applications, or for developing best organizational security practices. In addition to the written exam, candidates must have at least 5 years of security experience and submit a written application.
- Certified in Risk and Information Systems Control (CRISC) certification demonstrates the ability to identify, evaluate, and respond to IT risks. Candidates must have 3 years of professional-level risk management and control experience and perform the tasks of at least two CRISC domains. For this certification, education is not an acceptable substitute for work experience.
- Cyber Security Nexus Practitioner (CSX‑P) recognizes individuals who can act as first responders for security incidents. Created in 2015, tests one’s ability to perform globally validated cyber security covering the five core functions of the NIST Cyber Security Framework; Identify, Protect, Detect, Respond, and Recover. To obtain certification, candidates must pass a 4-hour performance-based exam consisting of simulated security incidents. At the end of the 3-year certification period, holders must take the latest version of the exam to recertify.
A complete list of cyber security certifications offered by ISACA can be found in Section 3.9.
2.10 itSM Solutions
Built around NIST Cyber Security Framework, itSM Solutions certifications validate that cybersecurity professionals have the baseline skills to design, build, test and manage a cybersecurity program using the NIST Cybersecurity Framework.
- NCSF Foundations: For executives, business and IT professionals who need a basic understanding of NCSF to perform their jobs
- NCSF Practitioner: Teaches how to build and design a technology focused cyber security program and risk management program. Gives you a deeper understanding of the NCSF and how to adapt and operationalize it.
A complete list of cyber security certifications offered by itSM Solutions can be found in Section 3.10.
2.11 McAffee Institute
McAfee Institute offers several industry-recognized board certifications in the areas of cyber intelligence and investigations, digital forensics, and cryptocurrency investigations. The United States Department of Homeland Securities National Initiative for Cyber Security Careers and Studies (NICCS) lists McAfee Institute as a provider of professional cyber security certifications. Certificate holders come from some of the top law enforcement and government agencies like the U.S Air Force and Army, Federal Bureau of Investigation (FBI) and the New York Police Department (NYPD).
- Certified Cyber Intelligence Professional (CCIP) certification was developed in conjunction with the Depart of Homeland Security’ National Cyber Security Workforce Framework. Certification demonstrates that an individual can identify persons of interest, conduct timely cyber investigations, and prosecute cyber criminals. Candidates must hold a bachelor’s degree or higher, and three years of experience in investigations, IT, fraud, law enforcement, forensics, criminal justice, law, and loss prevention.
A complete list of cyber security certifications offered by McAfee Institute can be found in Section 3.11.
2.12 Offensive Security
Offensive Security is an international company that provides security counselling and training for technology companies, including practical performance-based certification programs, virtual lab access, and open source projects.
- Offensive Security Certified Professional (OSCP) certification is considered one of the hardest to obtain due to its difficult exam. Candidates are required to successfully attack and penetrate live machines in a safe, lab environment over a 24-hour period. Because of its hands-on nature, it is intended for penetration testers with strong technical and ethical hacking backgrounds. Prior to attempting the exam, candidates must complete the Penetration Testing training course offered by Offensive Security. Obtaining the certificate also qualifies the recipient for 40 (ISC)2 continuing education credits. Unlike many of the other cyber security certifications, the OSCP certificate never expires.
A complete list of cyber security certifications offered by Offensive Security can be found in Section 3.12.
2.13 SECO Institute
Security & Continuity Institute (SECO) is a European institute that offers high-level security and continuity certifications. The SECO certification program consists of seven different certification tracks, each focusing on a specific field of expertise, such as IT Security, Data Privacy, and Ethical Hacking. Tracks starts at the Foundation level, followed by Practitioner and Expert levels. Candidates can then apply for Certified Officer level certifications which are the highest achievable qualification in each certification track.
- Ethical Hacking Foundation (S‑EHF) is an entry-level certification for professionals seeking to enter the career field. Certificate holders understand the fundamentals of ethical hacking and can perform basic penetration testing. While there are no prerequisites, it is recommended that candidates have a basic understanding of Linux.
- Ethical Hacking Practitioner (S‑EHP) is aimed at professionals who already have solid knowledge of ethical hacking basics. It is recommended that candidates obtain S-EHF certification first. Obtaining certification demonstrates that an individual has a full understanding of the penetration testing process and is familiar with common penetration testing techniques.
A complete list of cyber security certifications offered by SECO can be found in Section 3.13.
2.14 Cyber Credentials Collaborative
Cyber Credentials Collaborative (C3) was created in 2011 to promote the benefits of certifications in the skills development of information security professionals around the world. C3 provides awareness of and advocacy for vendor-neutral credentials in information security, privacy, and other IT disciplines. By providing a forum for members to collaborate on issues of shared concern, C3 aims to advance IT careers, better prepare the workforce, and ensure that IT certifications are developed to meet the needs of government, private organizations, and educational institutions.
The below listed certification bodies are all members of C3:
- CertNexus
- Computing Technology Industry Association
- EC-Council
- Global Information Assurance Certification
- International Information Systems Security Certification Consortium
- ISACA
3.0 Cyber Security certification listings and descriptions
The tables below offer a more fulsome list of the different cyber security certifications available to individuals, in alphabetical order.
Prior to attempting a certification exam, candidates can purchase training (in-class, online, or self-paced courses) and other exam preparation materials, such as practice exams, through the vendors and training providers listed in the last column. Some vendors also offer course bundles that include exam fees.
3.1 CertNexus
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Certified First Responder (CFR) |
|
|
Providers that also offer courses in French:
|
Certified IoT Security Practitioner (CIoTSP) |
|
|
Providers that also offer courses in French:
|
Cyber Secure Coder (CSC) |
|
|
Providers that also offer courses in French:
|
CyberSafe |
|
|
Providers that also offer courses in French:
|
IRBIZ micro credential |
|
|
Providers that also offer courses in French:
|
3.2 Cisco Systems
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Cisco Certified CyberOps Associate |
|
|
|
Cisco Certified Network Associate Security (CCNA Security) |
|
|
Providers that also offer courses in French:
|
3.3 CompTIA
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Advanced Security Practitioner (CASP+) |
|
|
Providers that also offer courses in French:
|
Cyber Security Analyst (CySA+) |
|
|
Providers that also offer courses in French:
|
Network+ |
|
|
Providers that also offer courses in French:
|
PenTest+ |
|
|
Providers that also offer courses in French:
|
Security+ |
|
|
Providers that also offer courses in French:
|
3.4 Council for Registered Ethical Security Testers (CREST)
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Certified Infrastructure Tester |
|
|
|
Certified Web Application Tester |
|
|
|
CREST Certified Wireless Specialist (CCWS) |
|
|
|
Practitioner Security Analyst (CPSA) |
|
|
|
Registered Penetration Tester (CRT) |
|
|
|
3.5 Certified Wireless Network Professions (CWNP)
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Certified Wireless Network Expert (CWNE) |
|
|
|
Certified Wireless Security Professional (CWSP) |
|
|
|
3.6 EC Council
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Advanced Network Defence CAST 614 |
|
|
|
Advanced Penetration Tester (APT) |
|
|
Providers that also offer courses in French:
|
Certified Application Security Engineer (CASE) |
|
|
Providers that also offer courses in French:
|
Certified Chief Information Security Officer (CCISO) |
|
|
Providers that also offer courses in French:
|
Certified Ethical Hacker (ANSI) |
|
|
Providers that also offer courses in French:
|
Certified Ethical Hacker (Master) |
|
|
Providers that also offer courses in French:
|
Certified Ethical Hacker (Practical) |
|
|
Providers that also offer courses in French:
|
Certified Network Defence Architect (CNDA) |
|
|
|
Certified Network Defender (CND) |
|
|
Providers that also offer courses in French:
|
Certified Secure Computer User (CSCU) |
|
|
Providers that also offer courses in French:
|
Certified SOC Analyst (CSA) |
|
|
Providers that also offer courses in French:
|
Certified Threat Intelligence Analyst (CTIA) |
|
|
Providers that also offer courses in French:
|
Computer Hacking Forensics Investigator (CHFI) |
|
|
Providers that also offer courses in French:
|
EC Council Disaster Recovery Professional (EDRP) |
|
|
Providers that also offer courses in French:
|
EC-Council Certified Encryption Specialist (ECES) |
|
|
Providers that also offer courses in French:
|
EC-Council Certified Incident Handler (ECIH) |
|
|
Providers that also offer courses in French:
|
EC-Council Certified Security Analyst (ECSA) |
|
|
Providers that also offer courses in French:
|
EC-Council Certified Security Specialist (ECSS) |
|
|
Providers that also offer courses in French:
|
Licensed Penetration Tester (LTP) |
|
|
Providers that also offer courses in French:
|
3.7 Global Information Assurance Certification (GIAC)
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
GIAC Advanced Smartphone Forensics (GASF) |
|
|
|
GIAC Assessing and Auditing Wireless Networks (GAWN) |
|
|
|
GIAC Certified Detection Analyst (GCDA) |
|
|
|
GIAC Certified Enterprise Defender (GCED) |
|
|
|
GIAC Certified Forensic Analyst (GCFA) |
|
|
|
GIAC Certified Forensic Analyst (GCFA) |
|
|
|
GIAC Certified Forensic Examiner (GCFE) |
|
|
|
GIAC Certified Incident Handler (GCIH) |
|
|
|
GIAC Certified Intrusion Analyst (GCIA) |
|
|
|
GIAC Certified Perimeter Protection Analyst (GPPA) |
|
|
|
GIAC Certified UNIX Security Administrator (GCUX) |
|
|
|
GIAC Certified Web Application Defender (GWEB) |
|
|
|
GIAC Certified Windows Security Administrator (GCWN) |
|
|
|
GIAC Continuous Monitoring Certification (GMON) |
|
|
|
GIAC Critical Controls Certification (GCCC) |
|
|
|
GIAC Critical Infrastructure Protection (GCIP) |
|
|
|
GIAC Cyber Threat Intelligence (GCTI) |
|
|
|
GIAC Defending Advanced Threats (GDAT) |
|
|
|
GIAC Defensible Security Architecture (GDSA) |
|
|
|
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) |
|
|
|
GIAC Information Security Fundamentals (GISF) |
|
|
|
GIAC Information Security Professional (GISP) |
|
|
|
GIAC Mobile Device Security Analyst (GMOB) |
|
|
|
GIAC Network Forensic Analyst (GNFA) |
|
|
|
GIAC Penetration Tester (GPEN) |
|
|
|
GIAC Response and Industrial Defence (GRID) |
|
|
|
GIAC Response and Industrial Defense (GRID) |
|
|
|
GIAC Reverse Engineering Malware (GREM) |
|
|
|
GIAC Security Essentials Certification (GSEC) |
|
|
|
GIAC Security Expert (GSE) |
|
|
|
GIAC Security Leadership (GSLC) |
|
|
|
GIAC Systems and Network Auditor (GSNA) |
|
|
|
GIAC Web Application Penetration Tester (GWAPT) |
|
|
|
Global Industrial Cyber Security Professional (GICSP) |
|
|
|
3.8 International Information Systems Security Certification Consortium
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Certified Cloud Security Professional (CCSP) |
|
|
Providers that also offer courses in French:
|
Certified Information Systems Security Professional (CISSP) |
|
|
Providers that also offer courses in French:
|
Healthcare Information Security and Privacy Practitioner (HCISPP) |
|
|
|
Systems Security Certified Practitioner (SSCP) |
|
|
Providers that also offer courses in French:
|
3.9 ISACA
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Certified Cybersecurity Practitioner (CSX‑P) |
|
|
|
Certified in Risk and Information Systems Control (CRISC) |
|
|
Providers that also offer courses in French:
|
Certified Information Security Manager (CISM) |
|
|
Providers that also offer courses in French:
|
Certified Information Systems Auditor (CISA) |
|
|
Providers that also offer courses in French:
|
3.10 itSM Solutions
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
NCSF Foundation |
|
|
|
NCSF Practitioner |
|
|
|
3.11 McAfee Institute
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Certified Counterintelligence Threat Analyst (CCTA) |
|
|
|
Certified Cyber Intelligence Investigator (CCII) |
|
|
|
Certified Cyber Intelligence Professional (CCIP) |
|
|
|
Certified Expert in Cyber Investigations (CECI) |
|
|
|
3.12 Offensive Security
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Offensive Security Certified Expert (OSCE) |
|
|
|
Offensive Security Certified Professional (OSCP) |
|
|
|
Offensive Security Exploitation Expert (OSEE) |
|
|
|
Offensive Security Web Expert (OSWE) |
|
|
|
Offensive Security Wireless Professional (OSWP) |
|
|
|
3.13 SECO Institute
Certification | Certification Overview | Intended Candidates | Vendors/Training Providers |
---|---|---|---|
Certified Ethical Hacker (S‑EHE) |
|
|
|
Dark Web Foundations |
|
|
|
Ethical Hacking Foundations (S‑EHF) |
|
|
|
Ethical Hacking Practitioner (S‑EHP) |
|
|
|
IT Security Expert/SOC (S-ITSE/SOC) |
|
|
|
IT Security Foundation (S‑ITSF) |
|
|
|
IT Security Practitioner (S‑ITSP) |
|
|
|