Introduction

Information Security is an incredibly vast field. Even the subsect of offensive security, or penetration testing, has many aspects to it. One question we often receive is what courses or certifications are actually worthwhile; both from a content perspective, but also from the vantage point of a hiring manager. While we emphasis the importance of building the skills and really understanding how the technologies, vulnerabilities, exploits, and remediation actually work, it can be important to provide evidence of those skills via certifications. On this page you’ll find a Security Engineer Skill Tree which outlines the various skillsets within the profession and loosely maps those skills to what we consider to be worthwhile certifications. We’ve also included some additional references on Github, as well as two database views to provide additional resources as you consider what the optimal skill progression path is for you.

Security Engineer Skill Tree & Associated Certifications

Certification Roadmap.pdf1099.7KB

Recommended Skill Path → Purple Team / White Box Focus

Certifications Information DB

Name	Category	Type of Exam	Cost	Certification Link	Training Resource	Relevant Tryhackme Path
Network +	Networking BaselineNetwork Infrastructure & Windows Fundamentals	Multiple Choice	$348.00	Network+ (Plus) Certification \| CompTIA IT Certifications	TOTAL: CompTIA Network+ Certification (N10-007) \| Udemy Introduction to networking for complete beginners \| Udemy How to Pass Your N10-008 Network+ Exam - YouTube	https://tryhackme.com/path-action/presecurity/join https://tryhackme.com/module/intro-to-networking
Security +	Security Baseline	Multiple Choice	$381.00	Security+ (Plus) Certification \| CompTIA IT Certifications	TOTAL: CompTIA Security+ Certification (SY0-501) \| Udemy How to Pass your SY0-601 Security+ Exam - YouTube	https://tryhackme.com/path-action/jrpenetrationtester/join https://tryhackme.com/path-action/pentestplus/join
Pentest +	Recon/OSINT/Vulnerability ScanningExternal Network Pentesting	Multiple Choice	$381.00	PenTest+ (Plus) Certification \| CompTIA IT Certifications	https://www.udemy.com/course/pentestplus/learn/lecture/31992532?start=15 Online Courses - Learn Anything, On Your Schedule \| Udemy \| Udemy	https://tryhackme.com/path-action/jrpenetrationtester/join https://tryhackme.com/path-action/pentestplus/join
CASP +	Information Security Program Management	Multiple Choice	$480.00	CASP+ (Plus) CompTIA Advanced Security Practitioner Certification \| CompTIA IT Certifications	CompTIA Advanced Security Practitioner (CASP+ Exam CAS-003) \| Udemy
CISSP	Information Security Program Management	Multiple Choice	$749.00	Cybersecurity Certification\| CISSP - Certified Information Systems Security Professional \| (ISC)² (isc2.org)	CISSP Certification: CISSP Domain 1 & 2 Boot Camp UPDATED 22 \| Udemy Free Cybersecurity Training and Career Development \| Cybrary
Linux +	Linux FundamentalsNetworking Baseline	Multiple Choice	$348.00	Linux+ (Plus) Certification \| CompTIA IT Certifications	Linux Administration Bootcamp: Go from Beginner to Advanced \| Udemy Free Cybersecurity Training and Career Development \| Cybrary	https://tryhackme.com/path-action/beginner/join
LIPC 1	Linux Fundamentals	Multiple Choice	$200.00	Linux Professional Institute LPIC-1 \| Linux Professional Institute	LPIC-1 Exam 101 Linux Administration Bootcamp: Go from Beginner to Advanced \| Udemy	https://tryhackme.com/path-action/beginner/join
LIPC 2	Linux Fundamentals	Multiple Choice	$200.00	Linux Professional Institute LPIC-1 \| Linux Professional Institute	LPIC-1 Exam 102 Linux Administration Bootcamp: Go from Beginner to Advanced \| Udemy	https://tryhackme.com/path-action/beginner/join
MS 500	White box Vulnerability & Cloud Security Analysis	Multiple Choice	$165.00	Exam MS-500: Microsoft 365 Security Administration - Certifications \| Microsoft Docs	MS-500 Microsoft 365 Security Administration Lectures & Sims \| Udemy
AZ 900	White box Vulnerability & Cloud Security Analysis	Multiple Choice	$99.00	Exam AZ-900: Microsoft Azure Fundamentals - Certifications \| Microsoft Docs	A to Z of Azure security - Covers AZ 500, 300,103 and more \| Udemy
AZ 500	White box Vulnerability & Cloud Security Analysis	Multiple Choice	$165.00	Exam AZ-500: Microsoft Azure Security Technologies - Certifications \| Microsoft Docs	Microsoft AZ-500 Certification: Azure Security Technologies \| Udemy A to Z of Azure security - Covers AZ 500, 300,103 and more \| Udemy
AWS Security Specialty	White box Vulnerability & Cloud Security Analysis	Multiple Choice	$300.00	AWS Certified Security - Specialty Certification \| AWS Certification \| AWS (amazon.com)	AWS Certified Solutions Architect Associate Introduction \| Udemy
MSCA	Networking BaselineNetwork Infrastructure & Windows Fundamentals	Retired	$0.00	N/A	Complete Windows Server Administration Course \| Udemy	https://tryhackme.com/module/hacking-active-directory https://tryhackme.com/module/hacking-windows-1 https://tryhackme.com/module/windows-fundamentals
OCEG	Security Risk Assessment (GRC focus)	Multiple Choice	$399.00	GRC Certifications - GRC Professional Certifications \| OCEG	How do I prepare for GRC Certification? \| OCEG
OSED	Exploit Development	Hands On	$1,500.00	EXP-301 and the OSED Certification \| Offensive Security (offensive-security.com)	https://www.offensive-security.com/pre-registration/ Reverse Engineering and Exploit Development \| Udemy
OSWE	Web Application Mobile Application and API Testing	Hands On	$1,649.00	WEB-300 and the OSWE Certification \| Offensive Security (offensive-security.com)	https://www.offensive-security.com/pre-registration/ Uncle Rat's Web Application Hacking And Bug Bounty Guide \| Udemy
eWPTX	Web Application Mobile Application and API Testing	Hands On	$400.00	eLearnSecurity Web application Penetration Tester eXtreme (eWPTXv2) \| Certifications \| INE	Pricing & Plans \| INE
eWPT	Web Application Mobile Application and API Testing	Hands On	$400.00	eLearnSecurity Web Application Penetration Tester (eWPT) \| Certifications \| INE	Pricing & Plans \| INE Uncle Rat's Web Application Hacking And Bug Bounty Guide \| Udemy Burp Suite Training - PortSwigger	https://tryhackme.com/path-action/web/join https://tryhackme.com/module/scripting-for-pentesters
Burp Suite Practitioner	Web Application Mobile Application and API Testing	Hands On	$99.00	Burp Suite Certified Practitioner \| Web Security Academy - PortSwigger	Burp Suite Training - PortSwigger	https://tryhackme.com/path-action/web/join https://tryhackme.com/module/learn-burp-suite
OSCP	Internal Network Pentesting	Hands On	$1,500.00	PEN-200 and the OSCP Certification \| Offensive Security (offensive-security.com)	https://www.offensive-security.com/pre-registration/ Ethical Hacking Offensive Penetration Testing OSCP Prep \| Udemy Python 3 For Offensive PenTest: A Complete Practical Course \| Udemy	https://tryhackme.com/path-action/pentesting/join https://tryhackme.com/module/scripting-for-pentesters
eJPT	Internal Network PentestingRecon/OSINT/Vulnerability Scanning	Hands On	$200.00	eJPT Certification - eLearnSecurity	INE - Penetration Testing Student Ethical Hacking Offensive Penetration Testing OSCP Prep \| Udemy	https://tryhackme.com/path-action/jrpenetrationtester/join https://tryhackme.com/path-action/pentestplus/join
PNPT	Internal Network PentestingRecon/OSINT/Vulnerability Scanning	Hands On	$299.00	TCM Security Certifications - Home (tcm-sec.com)	TCM Security Academy \| TCM Security, Inc. (tcm-sec.com) Ethical Hacking Offensive Penetration Testing OSCP Prep \| Udemy	https://tryhackme.com/path-action/jrpenetrationtester/join https://tryhackme.com/path-action/pentestplus/join
eMAPT	Web Application Mobile Application and API Testing	Hands On	$400.00	eLearnSecurity Mobile Application Penetration Tester (eMAPT) \| Certifications \| INE	Pricing & Plans \| INE

Security Engineer Skill Tree & Certification Recommendations

Table of Contents

Introduction

Security Engineer Skill Tree & Associated Certifications

Certifications Information DB

Cybersecurity Certifications

Untitled