34 certifications
Amazon Web Services
Specialty certification validating deep expertise in AWS security services, data protection, identity management, and compliance. Covers incident response, logging, monitoring, and encryption strategies on AWS.
PortSwigger
Practical web application security certification from the makers of Burp Suite. Tests real-world web exploitation skills across a 4-hour hands-on exam using PortSwigger Web Security Academy labs.
ISC2
Advanced cloud security certification covering cloud concepts, architecture, data security, platform security, operations, and legal compliance. Validates expertise for cloud security architects and engineers.
EC-Council
Vendor-neutral ethical hacking certification covering reconnaissance, scanning, system hacking, malware threats, sniffing, social engineering, web app attacks, and AI-driven hacking. v13 introduces AI-augmented hacking modules. Knowledge-based MCQ exam, with optional CEH Practical hands-on add-on.
EC-Council
Industry-recognized ethical hacking certification covering 20 attack domains, including network scanning, system hacking, malware threats, and web application security. Includes a knowledge exam and an optional practical exam on a live cyber range.
ISACA
Management-focused security certification for IT professionals designing and managing enterprise information security programs. Covers security governance, risk management, incident management, and program development.
ISACA
Globally recognized certification for information systems audit, control, and security professionals. Covers IS auditing, governance, IT management, information protection, and business resilience.
Cloud Native Computing Foundation / Linux Foundation
Advanced hands-on certification validating skills in securing Kubernetes cluster components, network policies, image security, supply chain security, and runtime protection. Based on Kubernetes v1.34.
Cisco
Professional-level security cert covering secure network access, VPNs, content security, endpoint protection, secure connectivity, and Cisco security solutions (Firepower, ISE, ASA). Requires passing the SCOR core exam plus one concentration exam.
Cisco
Entry-level cybersecurity operations certification covering security concepts, network intrusion analysis, and host-based analysis. Validates skills for SOC Tier 1 analyst roles. Exam code: 200-201 CBROPS.
ISC2
Premier information security certification recognized worldwide, covering 8 security domains from risk management to software development security. Requires 5 years of professional experience. Gold standard for senior security roles.
CompTIA
Advanced-level security certification for practitioners (not managers) covering enterprise security architecture, operations, integration, cryptography, and research. Does not expire; the only non-management advanced security cert. Exam code: CAS-004.
CompTIA
Intermediate cybersecurity analyst certification covering threat detection, data analysis, incident response, and vulnerability management. Validates skills for SOC analyst and incident response roles. Exam code: CS0-003.
CompTIA
Intermediate penetration testing certification covering planning, scoping, vulnerability scanning, exploitation, and reporting. Validates offensive security skills for pentest roles. Exam code: PT0-003.
CompTIA
Globally recognized baseline cybersecurity certification covering threat detection, risk management, cryptography, and network security. Industry standard entry point for security roles and DoD 8570 compliant. Exam code: SY0-701.
CrowdStrike
Validates skills in deploying, configuring, and operating the CrowdStrike Falcon platform — sensor deployment, prevention/detection policies, host management, and integrations. CrowdStrike dominates the modern EDR market.
INE / eLearnSecurity
Intermediate practical penetration testing certification covering exploitation, Active Directory attacks, and web application testing in a fully hands-on exam environment.
INE / eLearnSecurity
Entry-level practical penetration testing certification covering network scanning, exploitation, and web application testing via a hands-on exam. Designed for those new to cybersecurity — no formal experience required.
Fortinet
Fortinet's mid-tier network security cert (formerly NSE 4) covering FortiGate firewalls, VPNs, security policies, SD-WAN, and FortiOS administration. Required step on the Fortinet certification ladder for security engineers working with FortiGate.
GIAC
Hands-on security practitioner certification covering network defense, cryptography, incident response, AWS/Azure cloud fundamentals, and Linux/Windows security. Requires deep applied knowledge — open-book exam with 4–5 hour practical scenarios. Industry-recognized as one of the strongest entry-to-mid-level security credentials.
Google Cloud
Validates ability to design and implement secure infrastructure on Google Cloud. Covers Identity and Access Management, VPC security, data protection, compliance, and incident response on GCP.
HashiCorp
Validates foundational knowledge of secrets management and data protection using HashiCorp Vault. Covers authentication methods, policies, secrets engines, encryption, and Vault architecture.
Hack The Box
Practical web application security certification covering SQL injection, XSS, SSRF, authentication bypass, and advanced web exploitation. Designed for bug bounty hunters and web security professionals.
Hack The Box
Hands-on blue team certification covering SIEM, log analysis, threat hunting, incident response, and SOC workflows across 15 learning modules. Validates practical skills for defensive security and SOC analyst roles.
Hack The Box
Comprehensive practical penetration testing certification covering network and web exploitation, Active Directory attacks, privilege escalation, and professional reporting. Features a 10-day hands-on exam across 28 learning modules on HTB Academy.
Hack The Box
Expert-level web exploitation certification covering complex vulnerabilities including deserialization, race conditions, OAuth flaws, and prototype pollution. Designed for senior penetration testers and offensive security specialists.
ISC2
Entry-level cybersecurity certification covering security principles, business continuity, access controls, network security, and security operations. ISC2 offers the exam free for the first attempt under their One Million Certified in Cybersecurity initiative — making this the lowest-barrier entry to the ISC2 ladder.
Microsoft
Validates skills in implementing security controls and threat protection on Azure. Covers identity management, platform protection, security operations, and data/application protection in Azure environments.
Microsoft
Validates skills in threat detection, response, and remediation using Microsoft Sentinel, Microsoft Defender XDR, and Microsoft Purview. Targeted at SOC analysts in Microsoft-heavy environments.
Microsoft
Entry-level certification covering Microsoft security, compliance, and identity concepts. Covers Azure Active Directory, Microsoft Sentinel, Defender, Purview, and compliance solutions. Does not expire.
Offensive Security (OffSec)
The gold standard hands-on penetration testing certification. Candidates must compromise multiple machines in a 24-hour proctored exam on a live network — entirely performance-based, no multiple choice. OSCP+ badge valid 3 years.
Offensive Security (OffSec)
Advanced penetration testing certification focusing on antivirus evasion, process injection, lateral movement, and attacking complex Active Directory environments. Features a 48-hour hands-on exam simulating a corporate network.
Palo Alto Networks
Entry-level Palo Alto NGFW cert covering security policies, NAT, App-ID, User-ID, Content-ID, and PAN-OS administration. Required prerequisite for the engineer-level PCNSE. Palo Alto firewalls are deployed in ~70% of Fortune 100 enterprises.
TCM Security
Fully practical real-world penetration testing certification featuring a 5-day exam on a live network plus a professional report and debrief. Covers OSINT, network exploitation, Active Directory attacks, and privilege escalation.