Cybersecurity Certificate Tier List (2023)

00:00

in this video I'm going to be going over

00:01

the best cyber security certifications

00:03

from s tier all the way down to F tier

00:06

I've gotten millions of requests to go

00:08

over the best certifications to get into

00:09

the field and I get it I mean come on

00:11

look at this what the actual is

00:14

going on are you supposed to get all

00:16

these to get a job well you could and

00:18

collect certifications like Pokemon for

00:20

the rest of your life pretentiously

00:21

claiming to be smarter than everyone

00:22

else around you by virtue of you being

00:25

able to memorize questions to answers

00:27

for tests as if you're going to be given

00:29

four multiple choice options when

00:30

someone breaks into your network now if

00:32

you don't already know who I am good

00:34

because nobody does I'm just that guy in

00:36

a mask who is currently a cyber security

00:38

analyst or an a-tier Fortune 500 company

00:40

sorry boss we had an S tier alright

00:43

enough Shenanigans let's get started let

00:45

me preface this rating system if you

00:47

disagree with me that's okay you're

00:49

wrong no no but the method that I use to

00:51

rank this system is this I took a random

00:54

perfect sample size of a hundred job

00:56

listings I pulled every certificate they

00:58

mentioned and I did some salty late

01:00

night research on Reddit on YouTube on

01:02

blog sites and I mixed in my own

01:04

experience applying for jobs my old

01:06

co-workers my old professors and my boss

01:08

all to finally answer the age-old

01:10

question which one is best and answer

01:12

whatever the hell this job listing means

01:13

by grade a security certificate what the

01:16

hell is even that increase your odds of

01:19

Landing that first time interview and

01:21

eventually the job I'll explain my

01:22

reasoning for each ranking and if you

01:24

disagree then please leave a comment

01:25

down below it's going to help everyone

01:27

if you comment now every rating is going

01:29

to take into consideration reputation as

01:31

in how well is it known cost difficulty

01:34

of obtaining the certificate and most

01:36

importantly how useful is the

01:38

information inside of the certificate

01:39

going to help you practically speaking

01:41

at the end of this tier list I'm going

01:43

to further explain why having any one of

01:45

these certificates can actually do for

01:47

you so don't miss the end take away from

01:49

all of this alright let's get started

01:50

with the elephant in the room CompTIA

01:52

keep in mind that all CompTIA certs as

01:54

well as a ton of other ones I'm going to

01:56

cover only last for three years and have

01:58

to be renewed after that I'll go

01:59

overview new certs that don't expire but

02:01

as security evolves so does the cert a

02:04

plus this won't get you a job in cyber

02:06

security definitely after and don't get

02:07

me wrong you do need to know everything

02:09

that is on the test but you're gonna

02:10

have one hell of a time getting past the

02:12

hiring Gates if this is all you have you

02:13

could land a general I.T job from it but

02:15

this isn't a tier list for General IT

02:17

jobs next is Network plus and this is

02:19

like the a plus is lifelong best friend

02:22

hello I love you you'll learn the basics

02:25

of networking and could get a job as a

02:27

network intern or associate but good

02:29

luck Landing a security job with just

02:30

this plus you do need to know everything

02:31

that is on this test and in my sample

02:33

size I saw it asked for one time and for

02:36

that reason alone it's a detier for

02:38

definitely not going to get you a job

02:39

security plus oh boy this is that one

02:43

popular kid in class gets all the

02:44

attention but really isn't all that

02:46

smart this one is the goaded gatekeeper

02:48

of a massive amount of jobs by

02:50

gatekeeper I literally mean it is

02:52

sometimes required for you to have the

02:54

job now something that I discovered on

02:56

LinkedIn that maybe a lot of people

02:57

don't know is that the parsing for the

02:59

search bar sucks a good amount more than

03:02

indeed if I had to rank job boards

03:04

LinkedIn you're losing points for this

03:05

now searching for CompTIA Security on

03:08

LinkedIn brings up this it's Hit or Miss

03:10

whether or not you're actually gonna get

03:11

a job that asks for CompTIA or Security

03:13

Plus whereas using indeed's job search

03:16

you get less garbage and more relevant

03:18

job listings as you can see here there's

03:19

thousands of jobs that we can search for

03:21

and my job listing sample had about 30

03:23

percent asking for this certificate now

03:25

this is an entry level certificate and

03:27

for that reason it's not going to

03:29

guarantee a job but it's sure going to

03:31

help based on how widely known it is and

03:34

asked for at this point it's just

03:35

something HR lists as like a check box

03:37

in the same way that a college degree

03:38

proves that you're capable of showing up

03:40

to a place consistently for four years

03:41

this search shows that you're capable of

03:44

retaining security principles

03:45

the things I'm smart and the Security

03:47

Plus certificate is only 392 dollars

03:50

which might be a lot for some of you but

03:52

compared to some of the other shirts

03:53

we're gonna go over it's a very

03:54

reasonably priced cert for how well it

03:56

is widely known because of everything

03:57

mentioned this is definitely an

03:59

eight-tier certificate it's widely known

04:01

and it gives you a solid base

04:02

understanding of security that a lot of

04:05

jobs unfortunately require if you want

04:07

some extra credit and you want to bump

04:08

this up to an A plus I highly recommend

04:10

pairing the Security Plus with the new

04:12

and shiny Google cyber security

04:14

certificate that's available for

04:16

basically free on Coursera that I went

04:18

over in this video here and for two

04:20

reasons the Google cert gives you vital

04:22

basic knowledge that will allow you to

04:24

prepare yourself to pass the Security

04:26

Plus and it gives you a discount voucher

04:29

for 30 off of the Security Plus so

04:31

pairing it seems kind of like a

04:33

no-brainer to me and there's a reason

04:34

it's the highest ranked cert on Coursera

04:37

right now I mean 4.9 out of five

04:42

God you're beautiful so check out that

04:44

video if you're just starting out on

04:45

cyber security moving on we have uh is a

04:48

plus and Pen test plus I Clump these

04:51

together because while they are roughly

04:53

the same as far as difficulty they do

04:55

vary in higher ability for some

04:58

different reasons the scissors goes over

05:00

defense through incident detection and

05:02

response whereas the pen Test Plus

05:03

focuses on offense through penetration

05:06

testing and vulnerability assessment

05:08

generally speaking the difficulty of the

05:10

two like I said is pretty on par with

05:12

each other it just focus on different

05:13

aspects of cyber security and it just

05:15

depends on what you want to go into both

05:16

tests are the same price as a Security

05:17

Plus at 392 dollars and now as far as

05:20

higher ability I would say based on all

05:23

the research I've done and everything

05:24

I've experienced in my drive application

05:25

process that the sizza plus is a little

05:28

bit better as far as being able to land

05:31

you a job because generally security

05:32

analyst positions are more entry level

05:35

and easier to get into whereas

05:36

penetration testing positions which the

05:38

pen Test Plus certificate is for are a

05:41

lot harder to get into and more

05:42

mid-level they're going to be looking

05:43

for more information than just the pen

05:45

tests and it doesn't help you quite as

05:47

much to land that interview or that job

05:49

so C tier for sizza plus and D tier for

05:52

pen test but only by a little post your

05:54

complaints down on the bottom but this

05:55

is how I make sense of the certification

05:57

storm that we're in right now and yeah

05:58

yesterday the last CompTIA sir I want to

06:01

mention is the Casp plus this is

06:04

designed for someone with 10 years plus

06:06

experience in it and five years

06:08

experience in security but unlike other

06:10

certs this isn't a mandatory requirement

06:12

this is just something that they

06:13

recommend you have before you try it so

06:15

anybody can take it exam is very Broad

06:17

and covers a lot of domains and at the

06:20

price point of 494 dollars it's only

06:23

slightly cheaper than another cert

06:24

coming up vastly Superior than this one

06:27

and far more well known so this one's a

06:29

b because there's a better option it's

06:31

arguably well less known than that one

06:33

and rarely does this come up in job

06:35

listings and how would be remiss if I

06:37

didn't go over the highly controversial

06:38

Cisco CCNA this tier list is for higher

06:42

ability Cisco is so widely used that

06:45

even with new technologies hitting the

06:47

scene if you plan on taking a network

06:48

certificate anyways because you want to

06:50

become something like a security network

06:51

engineer then I would always recommend

06:53

this CCNA cert over the network plus

06:56

cert as it's better than the network

06:57

cluster and it's Cheaper by fifty

07:00

dollars don't believe me well this chart

07:02

doesn't lie the CCNA is an intermediate

07:04

certificate and that it dives into more

07:06

difficult configuration Concepts albeit

07:09

their Cisco proprietary but still gives

07:11

you a far better understanding of

07:12

networking than the network plus goes

07:14

into I mean I had four Cisco networking

07:16

classes through my bachelor's degree in

07:18

college so there's a lot of people

07:19

backing up Cisco it's easier to get a

07:22

job with it in the networking Community

07:23

because of how well known it is in there

07:25

therefore it's ranked as a c which is

07:28

very fitting for Cisco now if you're

07:30

looking to become a penetration tester

07:31

then you're going to want to look into

07:33

these next two certs the ceh the

07:35

certified ethical hacker this tends to

07:37

be over hyped and put down a lot by the

07:39

cyber security Community but I don't

07:41

think they can argue how widely known it

07:43

is and what it lacks from support in the

07:46

security Community it makes up for an HR

07:49

clout unfortunately it does come at a

07:51

high cost of 1199 and that's if you can

07:55

get the 850 ceh course waived to be

07:58

considered for testing without the

08:00

course you have to submit an application

08:02

to the EC Council which requires you to

08:05

have at least two years of experience

08:06

working in the information security

08:07

domain so this cert is a solid C and

08:10

that's largely in part due to the high

08:12

cost of this cert I'll look down upon it

08:15

is and even with the HR clout it carries

08:17

there is a far superior better option

08:20

than I'm about to go over it has a

08:21

bigger better and more badass respected

08:23

older sibling and we're of course

08:25

talking about the oscp the offensive

08:28

security certified professional this

08:30

does come at a higher cost and at one

08:32

point it was apparently available for

08:34

like a thousand bucks but they've upped

08:36

their prices the self-guided individual

08:38

course is 1599 which includes 90-day lab

08:41

access and one exam attempt the learn

08:43

one subscription is 2499 a year and

08:48

provides a lab access for one year and

08:50

two exam attempts and if you're

08:52

absolutely loaded and have bottomless

08:53

Pockets then for 5499 a year you get

08:57

unlimited attempts to pass the test now

08:59

this test requires you to do live

09:01

Network penetration testing for 24 hours

09:03

with questions as part of the open

09:04

security certification program this cert

09:07

is for life so unlike the previously

09:09

mentioned ones this one does not expire

09:10

and this kind of confirms its

09:12

superiority to the certified ethical

09:14

hacker certification just because it

09:16

lasts forever that means that it has to

09:18

be far more difficult given how more

09:21

respected the certificate is and how it

09:23

only costs a little bit more than the CH

09:25

cert this makes it far more Superior it

09:28

carries just as much HR clout as the ceh

09:31

and it's not looked down upon this is an

09:34

a-tier certificate my boss looks down at

09:36

the CH and says that if I can get this

09:38

sir it's like an immediate promotion for

09:40

me let's talk government compliance

09:42

certs isaka certs the information

09:44

systems audit and Control Association is

09:46

a globally recognized and highly

09:49

respected organization isaka offers four

09:51

certs that are very commonly looked for

09:53

there is the certified information

09:54

security auditor certified information

09:57

security manager a certified risk in

09:59

Information Systems control and

10:01

certified governance of Enterprise I.T

10:03

now I'm pumping all these together as

10:05

they're similarly designed but they're

10:06

just for different niches in the cyber

10:08

security space that being said the

10:10

content provided by these certs is

10:12

extensive with cism arguably hardest one

10:15

of the tests as it's geared towards

10:17

information security managers and HR

10:19

will often take this interchangeably

10:21

with another cert I'm going to be going

10:23

over that is an S tier cert but sadly

10:26

these are all just a tier certs they're

10:28

reasonably priced at 760 dollars a pop

10:30

they're well respected and well known

10:32

they're just not quite living up to

10:34

other certs that you could get that

10:36

provide the same and more clout and more

10:40

reputation and higher ability now below

10:42

ISAC asserts are GX certs Global

10:45

information assurance certifications

10:47

there's only a couple issues with these

10:49

the price and they're not as well known

10:52

as other certs it's a shame because they

10:54

are on par with the other certs but

10:56

because of the aforementioned issues we

10:58

have to rank them below the ice hackers

11:00

accordingly in my job sample list the

11:02

the G sex cert was only found one time

11:04

and it's just as difficult as a Security

11:06

Plus but costs three times more CT sorry

11:10

it just didn't do better the remaining

11:12

GX certs are incredibly practical as far

11:15

as the content and provide far more bang

11:17

for your buck for that 949 price point

11:20

so for that reason the rest are B tier

11:22

now if you can get any of these GX certs

11:24

paid for by your current employer then

11:26

they're a tier for practical content

11:28

only hindered by their lack of

11:30

reputation if a man in the middle of a

11:33

forest earns a certificate and no one

11:35

knows about it does he get a job now

11:38

something I didn't mention about the

11:39

previous certs and that is a pro for the

11:41

GX certs is that they do offer a slight

11:43

discount at 100 off your retake test

11:46

whereas the competea and the isak

11:48

asserts do not have that you only get

11:49

one attempt to take it if you fail

11:51

you'll lose the money that you've spent

11:53

towards the cert so don't fail but at a

11:55

starting cost of 949 dollars it's not

11:57

really that much incentive if you only

11:59

get a hundred dollar discount on the

12:00

next test the next cert deserves a drum

12:03

roll ladies and gentlemen boys and girls

12:06

the search you've all been waiting for

12:10

foreign

12:11

[Music]

12:15

[Applause]

12:19

information system security professional

12:22

if you haven't heard of it before then

12:24

you live under a boulder

12:30

[Music]

12:32

then you'll live under a rock but that's

12:34

okay because that's why you're here now

12:35

this cert is widely known and that is an

12:39

understatement it's well respected and

12:41

is arguably the best bang for your buck

12:42

cert that you can get right now coming

12:44

in at only 749 now I studied for this

12:47

exam like crazy before I got my current

12:49

position and honestly after making this

12:51

video it's making me rethink trying to

12:53

get back into it and getting this served

12:55

now the requirements of the serve to be

12:57

fully recognized as a cissp are a bit

13:00

more difficult than what we've covered

13:01

so far you have to have a minimum of

13:03

five years work experience working in

13:06

two or more of the eight domains covered

13:07

in the cisp exam luckily you can drop

13:10

that requirement by one year if you

13:12

either have a four-year college degree

13:14

or you obtain one of the approved

13:16

certificates from the ISC approved list

13:19

this is the approved list and you'll

13:21

notice that the Security Plus is

13:22

actually on here so folks do you see

13:25

here I'm going with this get your

13:26

Security Plus first then all you need is

13:28

four years oh and then the other

13:30

requirement is you have to DM someone

13:33

with the cisp to back you up that part's

13:36

easy though just find someone with a

13:37

cissp who can vouch for your mad skills

13:40

and well soon you guys will have me to

13:42

vouch for you and if you want me to

13:43

vouch for you then I can be reached by

13:45

my Mad Hat membership in my patreon link

13:48

down below just kidding about the

13:51

vouching part the patreon's real but

13:53

there's nothing on it yet so don't worry

13:55

about it now a candidate who doesn't

13:56

have the five years requirement to get

13:58

this fully fledged cssp can still take

14:01

the test and pass it to earn an

14:03

Associates of ISC you'll have six years

14:05

to complete the aforementioned

14:07

requirements this cert covers a ton of

14:10

information it covers eight domains and

14:12

the only cert that comes close to

14:14

covering this much information is the

14:16

GSE which isn't a typical certification

14:18

it's a portfolio of certs that requires

14:21

you to obtain six of the GX certs I

14:24

mentioned before and if you've been

14:26

paying attention that is six times nine

14:29

hundred and forty nine dollars yeah so

14:31

that's not really a standalone own

14:33

certificate but if you want to challenge

14:34

job security for life and you have

14:37

bottomless pockets it's arguably the

14:39

best certificate that you can get since

14:41

it's six certs in one the ciss piecer is

14:44

often interchanged in job listings with

14:47

the associate of the ISC because HR

14:49

knows that the only difference between

14:51

you and the cissp holders is five years

14:54

help desk experience or something and

14:56

looking in my job samples there's far

14:58

more jobs asking for the cssp than the

15:01

Security Plus so this one's an S tier

15:03

for sure think of the cssp as one of the

15:05

most versatile certifications that you

15:07

can get it's relevant to more job roles

15:09

than pretty much any other suit you can

15:11

get out there now ISC has a few other

15:13

certs though not as prestigious as the

15:16

cssp are still okay I have to mention

15:18

the cyber security certified cert it

15:20

offers this is great for beginners and

15:22

it's currently free if you join the ISE

15:25

membership which has an annual fee of 50

15:27

so it's not technically free but this is

15:30

kind of a worse version than the Google

15:31

search I mentioned earlier it does

15:33

prepare you for the Security Plus but it

15:35

doesn't cover nearly as much as the

15:37

Google search and it doesn't give you a

15:38

30 discount for the Security Plus cert

15:40

so not really worth it for that

15:42

inferiority reason and the fact that

15:44

nobody asks for this cert and will not

15:46

land you an interview this is similar to

15:48

the A Plus sir it's an F my dude next up

15:50

is the system security certified

15:52

practitioner that they offer this test

15:54

is easier than Security Plus and it's

15:56

less known so this is a solid d-minus

15:59

let's talk the cloud this is where the

16:03

real money is at right now this is where

16:04

everything is headed and the level of

16:06

demand for cloud security certs is going

16:08

through the roof right now because it is

16:10

arguably the newest domain in cyber

16:12

security isc's ccsp the certified Cloud

16:15

security professional which is fabulous

16:18

absolute Banger of assert but there's

16:20

only one problem it's not the OG Cloud

16:23

cert the title of mother of all Cloud

16:25

certs is given to the ccsk which is the

16:28

certificate of cloud security knowledge

16:30

this is quite literally the industry's

16:32

first exam elimination of cloud security

16:34

knowledge when it was released back in

16:36

2010 so the ccsk covers comprehensive

16:39

knowledge of cloud security while the

16:40

ccsp covers the same knowledge with a

16:43

lot more of cssp governance topics and

16:46

domains mixed in the ccsp also requires

16:50

the same five years of work experience

16:52

in security domains in order to obtain

16:54

the official title of ccsp whereas the

16:57

ccsk has been around for longer costing

17:00

395 dollars compared to the ccsp's 599

17:04

dollars it can be taken from the comfort

17:06

of your own home and it's an open book

17:08

exam where you have 60 minutes to answer

17:11

90 questions for that reason it is

17:13

easier but it is impossible to research

17:16

every single question in that amount of

17:18

time but that is why it is significantly

17:20

lower in difficulty on the list here

17:21

with the ccsp being at 599 dollars which

17:24

is significantly more but is certainly

17:26

agreed that it is more prestigious of

17:28

assert to obtain ICS even writes one

17:31

important distinction to know is is that

17:33

the ccsp is a certification and the ccsk

17:36

is a certificate oh ISE that is

17:38

semantically pompous of you now in my

17:40

opinion the ccsk is an S tier cert

17:45

it's well known it's easy to get it's

17:48

more bang for your buck and it lasts

17:50

forever whereas the ccsp has the 5V

17:53

requirement and you have to renew it

17:55

regularly and a lot of times in job

17:57

requirements they're taken

17:58

interchangeably so HR is going to look

18:01

pretty similarly at the two certs so

18:03

obviously that makes the ccsp an a tier

18:06

right below maybe maybe a plus if we're

18:08

being semantically generous and while

18:10

we're on the subject of cloud certs

18:12

Azure security certifications these are

18:14

legitimately slept on my ex-co-worker

18:16

landed a job as a Azure engineer with

18:20

just a an associate sir alone and for a

18:23

hundred and sixty four dollars and a

18:25

significant amount of companies

18:26

utilizing Microsoft software this is a

18:29

solid a choice it's arguably just as

18:31

easy to land a job within Azure

18:33

certificate as the Security Plus

18:35

certificate so I really have no choice

18:37

but to put it in this tier considering

18:39

it's cheaper than the other mentioned

18:40

certs Azure also offers multiple paths

18:43

to advance in your certificates and you

18:45

can build your knowledge and Advance

18:46

into the Microsoft certified cyber

18:49

security architect expert now I know

18:50

some of you are thinking what about AWS

18:52

well AWS doesn't have quite as many

18:54

certificate paths so for that reason I'm

18:57

not even going to mention it sorry you

18:58

didn't make the cut there's also

18:59

Google's Professional Security Cloud

19:01

engineer cert that you can get at 200

19:03

this is a decent option although not as

19:05

widely known or as sought after as the

19:08

Azure certs it's also significantly

19:10

easier than the Azure sir as you can see

19:11

on the list here so for that reason we

19:13

got to bump it down a few because it's

19:14

not as well known and it's probably not

19:16

going to land you a job so we're gonna

19:17

have to bump it down to the C tier

19:18

that's enough for cloud we're

19:20

approaching the end of the list and

19:21

there's only a couple special mentions

19:23

left ITIL certs

19:25

these exist d e and D suck Blue Team

19:28

level one I've actually been asked about

19:30

this a lot after researching its

19:32

offerings and reputation everyone agrees

19:34

it's far more practical and useful

19:37

for preparing for working as a security

19:40

analyst compared to its closest

19:42

comparable match the shiza plus the only

19:44

problem is that HR has no clue

19:46

what it is and it costs more than this

19:48

is a plus at 500 so for that reason it

19:50

just has to rank lower than this is a

19:52

plus sorry blue team you're great but

19:54

you're going in the deter all right so

19:56

as promised the obvious takeaway from

19:58

this ranking is to just obtain an S tier

20:00

sir right wrong certs are useless just

20:04

go to college

20:05

[Music]

20:12

ah gotcha no but seriously none of these

20:15

shirts are gonna guarantee you a job

20:17

because you still have the interview for

20:19

the job to get through and even if any

20:21

one of these magical certs gets you past

20:22

the HR Gates and into a zoom call with

20:25

the hiring manager if all you did was

20:26

cram for a test and fail to apply the

20:28

knowledge to building a portfolio of

20:31

security projects of hacking tools or

20:33

documenting anything along the way then

20:35

you're going about it all wrong you'll

20:36

most likely sound like someone who

20:38

doesn't know what they're doing and not

20:39

fully committed to the field and now

20:41

this is especially true for the

20:42

entry-level search mention generally

20:44

speaking the certification is lower on

20:46

the list are less likely to get you that

20:47

first time interview or much less a job

20:49

so really the whole purpose to getting a

20:51

cert is just to increase your odds of

20:53

getting a job and the Heart of the test

20:55

the more likely you're able to retain

20:56

some assemblance of proficiency in

20:58

whatever you learned and the easier it

21:00

is the more likely you're going to

21:01

forget everything that you crammed for

21:03

as it probably took less Blood Sweat and

21:05

late night tears to obtain in this chart

21:07

you can expect the bottom to probably

21:08

increase your odds of getting in

21:10

interview by zero to ten percent and it

21:12

goes up from there exponentially and at

21:14

the very top of the list we have the

21:17

very last cert that I wanted to go over

21:18

before all of you forget this video ever

21:20

existed the god tier certificate

21:30

I've done it

21:33

they said it couldn't be done

21:36

are they going to be rich

21:43

Please Subscribe hit the Bell like this

21:46

video share it to your friends thank you

21:48

so much for watching everyone we'll see

21:50

in the next video

21:51

[Music]

21:58

foreign