Security Certifications

Certification from the China Information Technology Security Evaluation Center (CNITSEC)

CNITSEC, approved and authorised by the Chinese Central Government, is an authoritative security evaluation facility to, among others, assess, evaluate and confirm the qualifications and capabilities of information security professionals.

The evaluation and qualification certification of information security personnel mainly includes Certified Information Security Professional (CISP) and Certified Information Security Member (CISM).

Certified Internet Webmaster (CIW) Certifications

CIW offers vendor-neutral Web technology certification programs for professional, including Web design, Web development and Web security. The CIW Web Security series include three certifications:

Computing Technology Industry Association (CompTIA) Certifications

CompTIA has developed training and certification exams for computing support, networking, security, open-source (Linux) development, cloud and mobility. The professional certifications on cyber security include:

Cloud Security Alliance (CSA) Certifications

CSA is an international organisation dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA offers some security certificates on cloud computing to individuals.

CREST

CREST provides various levels of professional certifications in cyber security. It provides examinations in mainly three levels, namely Practitioner, Registered and Certified. Following categories of examinations are being provided:

DRI International 's Business Continuity Professional Certifications

DRI International provides various levels of certification for business continuity planners. Here are some examples:

EC-Council Certifications

EC-Council is a cyber security technical certification body。The professional certifications include:

(ISC)² Information Security Certifications

(ISC)² offers several information security certifications and concentrations related to specific certifications. Here are some examples:

These are vendor-neutral programs. CISSP is targeted at executives, while CISSP Concentrations are targeted for experienced information security professionals and SSCPis appropriate for security specialists in the field. CGRC is to measure the professionals' knowledge, skills and abilities involved in the process of certifying and accrediting the security of information systems. There are also Associate Programs for CISSP and SSCP for those who pass these examinations but without the experience required for the certifications.

Information Systems Audit and Control Association (ISACA) Certifications

The program is designed for IS audit, control and security professionals. It includes:

ISO/IEC 27001 Related Professional Certifications

ISO/IEC 27001 is an international standard for Information Security Management Systems (ISMS), which provides a framework and a set of requirements for establishing, implementing, maintaining and improving an ISMS, and audits are required to achieve the ISO/IEC 27001 certification. Under the ISO/IEC 27001 standard, various professional certifications are available to validate individuals’ understanding of the standard, as well as their abilities to implement or audit an ISO/IEC 27001-compliant ISMS. Here are some examples:

Offensive Security Certifications

Offensive Security provides penetration testing courses and certifications for information security professionals. Its certifications include:

Global Information Assurance Certification (GIAC)

The first ever vendor-neutral security certifications for IT security professionals. GIAC currently offers certifications for various job-specific responsibilities instead of general purpose information security knowledge. It covers various IT/IT Security job disciplines such as Security Administration, Management, Audit and Software Security. Here are some examples:

Amazon Web Services (AWS) Certified Security – Specialty

It recognises the holder the understanding and working knowledge of AWS data protection mechanisms, AWS security services and features to provide a secure cloud environment, security operations and risk, etc.

Check Point Certified Security Administrator (CCSA) & Check Point Certified Security Expert (CCSE)

A CCSA possesses the skills to define and configure security policies that enable secure access to information across corporate networks. The CCSE certification is recognised as the industry standard for Internet security certifications as CCSEs possess expertise to configure VPN-1/FireWall-1 as an Internet security solution and virtual private network (VPN) that securely connects corporate offices and remote workers, protecting information exchange and granting access to network resources.

The Cisco Certified Network Professional (CCNP) Security

CCNP SeCCNP Security requires a Cisco Certified Network Associate designation and proficiency with Cisco firewalls, intrusion detection systems and VPNs; whereas Cisco Certified Internetwork Expert (CCIE) Security covers IP, IP routing, and specific security components.

Fortinet Network Security Expert (NSE) program

It is a training and certification program that validates network security skills and experience using Fortinet solutions.

The Juniper Networks Certification Program (JNCP) Junos Security Certification

Juniper Networks offers this program that allows participants to demonstrate competence with Juniper Networks technology. Successful candidates demonstrate thorough understanding of security technology in general and Junos software for SRX Series devices.

Symantec Certifications

Symantec offers specialist certification credentials for its security products, including Symantec Certified Specialist (SCS), etc.