pauljerimy / seccertroadmaphtml Goto Github PK

When you click on the box for Kali Linux Certified Professional (KLCP), it goes to https://www.kali.org/penetration-testing-with-kali-linux/. This returns a 404.

The correct link is: https://kali.training/klcp/

Can proficiency levels be added like:

• Novice (unskilled, not knowing, new to)
• Beginner (Learning)
• Competent (knows adequately, qualified)
• Proficient (practiced, skillful)
• Expert (well practiced, having versatile knowledge)

Currently the ordering (work your way up from the bottom) is not clear for the people that are new to the cyber security arena.

Lunarline was purchased by Motorola Solutions and certification agency services appears to have been quietly discontinued. The website no longer works.

RCCE Foundation, RCCE Advanced, RCCI, CCO, RCPT, RCCS

RCCE is ANSI 17024 accredited

Move to SysOps

PCNSA Exam (Palo Alto Networks Certified Network Security Administrator) is reported two times in Communication and Network Security section

CTPRA and CTPRP third party assessments from Shared Assessment at https://sharedassessments.org/

I have received one feedback that Kubernetes certifications are ranked too low and that AWS certifications are ranked too high. This feedback was not corroborated but should be considered.

This chart is too large to be viewed properly on mobile devices. A smaller option should be made available to those who would like to view the chart without zooming.

If removing certifications to make a smaller chart is selected, proper selection criteria should be developed to decide which certifications to remove.

The current tooltip is very unpolished. Based on feedback, users would like a better tooltip that:

1. Positions on the mouse
2. Continues to pop up without delay
3. Provides additional information
4. Is formatted in a more expected way (such as "title" vs hover CSS3)

Constraints

• Switching from a formatted CSS3.hover text to title results in a pretty hover text, but there's a significant delay to the pop up.
• Only HTML/CSS3 should be used for those security minded users who do not allow scripts.

SCA https://www.suse.com/training/exam/sca-sles-15/
SCE https://www.suse.com/training/exam/sce-sles-15/
Remove SEA

Burp Suite is the most widely used tool for web application penetration testing. They have recently launched a certification, where one needs to demonstrate exploitation skills of multiple web applications to pass the exam.
https://portswigger.net/web-security/certification

Fortinet now has a certification at NSE3 named Fortinet NSE Associate and named certifications at NSE 5 and NSE 6. The other certifications also now have names.

Add the three new certifications and update the names of the NSE 4, NSE 7, and NSE 8.

You mistyped M_o_S, instead of M_o_R.

eLearnSecurity Certified Malware Analysis Professional.

https://elearnsecurity.com/product/ecmap-certification/

The eCMAP Certification voucher is $400.00

Cisco Certified CyberOps Professional Certification is now active since Nov 2020:
https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/professional/cyberops-professional.html

This certification should be added under Security Operations.

• Malware On Steroids - https://0xdarkvortex.dev/training-programs/malware-on-steroids/ - $2000 USD
• Offensive Tool Development - https://0xdarkvortex.dev/training-programs/offensive-tool-development/ - $2000 USD
• Red Team & Operational Security - https://0xdarkvortex.dev/training-programs/red-team-and-operational-security/ - $2500 USD
• Adversary Operations & Proactive Hunting - https://0xdarkvortex.dev/training-programs/adversary-operations-and-proactive-hunting/ - $2500 USD
• Malware Incident & Log Forensics - https://0xdarkvortex.dev/training-programs/malware-incident-and-log-forensics/ - $2500 USD

Add EC Council B|DC B|FC B|BLC

Evaluate if this certification is consistent with the overall roadmap and add if it is.

Mosse stopped giving out MTCF

Source: https://www.mosse-institute.com/certifications.html

Research the GIAC Public Cloud Security and add to the chart if appropriate.

Currently the pricing is only in US$ - perhaps adding other prices where relevant for certifications would show the certification's availability around the world and be more intuitive for international users. I can work on this over the next few weeks and submit a PR if it is a feature that's wanted?

Cisco CyberOps Associate should be under Security Operations > Incident handling vs. Network Security. I addressed this via #7

Only the SANS course for GCUX is retired; the certification is still active with not plans to retire. Re-add to chart.

GCWN is currently located in the *nix subdomain where GCUX should be. Move to SysOps subdomain.

The name for Cisco's CyberOps Associate needs to be updated. I addressed it via pull request #6

As I understand the organization no longer exists and their website is shut down. This would be any certs related to https://www.iacertification.org/

CISM should be longer.

It covers Asset Security, Security and Risk Management, Security Assessment and Testing, and Incident Handling

Evaluate the EXIN 27001 foundation exam and see add it to the roadmap if it is consistent.

https://www.exin.com/certifications/information-security-foundation-based-iso-iec-27001-exam

Research the Mile2 Certified) Security Principles certification to see if it still exists. If it does, find the correct website.

There are no $75 exam on any section of https://www.seco-institute.org/certifications/information-security-track/
https://www.seco-institute.org/certifications-guide/
"To turn your exam certificate into a verifiable qualification that can improve your career prospects, you need to unlock your Practitioner certification title in the (S)ECO-System, our professional community. This takes only a few minutes and a small annual maintenance fee (€75, exclusive VAT)."
--this is like the JD powers awards, where you get the cert, and can only prove you have it with an annual maintenance fee.
further support
"Your Certified Officer credentials will be valid for a year. To keep your Certified Officer certification title and digital badge active, you will need to re-certify every year. To re-certify, you need to pay the annual maintenance fee of €150 and report at least 40 Continuing Professional Education (CPE) credits in the (S)ECO-System.

THERE IS:
Information Security Foundation Exam
€380,00 (€380,00)

Information Security Practitioner Exam
€450,00 (€450,00)

Neither of these belongs above the CASP or CISSP line.
They are closed source so you cannot look at the outline without paying for a course. There are course outlines NOT exam outlines.

Some social media posts have given a little more insight into the quality of the Mosse Security certifications, which may reduce their rankings.

evaluate Fair Institute Risk Management certifications for applicability and add to roadmap if warranted.

https://www.giac.org/certification/foundational-cybersecurity-technologies-gfact

I have received feedback that OSEE is ranked too low in comparison to other Offensive Security certifications and compared to GSE.

CNCF Has some certification in Kubernetes. Review their certifications and add to the chart as appropriate.

HTB Certified Penetration Testing Specialist (HTB CPTS)

https://academy.hackthebox.com/preview/certifications/htb-certified-penetration-testing-specialist/

Professional Evaluation and Certification Board (Canada)

PECB has been recommended as a certifying agency. Review the certifications they offer and consider placement on the roadmap.

Add the GIAC GSOC certification

Some professionals have asked for descriptions of each domain in order to get some context to their respective certifications.

I am considering adding hover text on the domain titles.

Add Microsoft Certified: Security Operations Analyst Associate (SC-200)
Add Microsoft Certified: Identity and Access Administrator Associate (SC-300)
Add Microsoft 365 Security Administration (MS-500)
Add SC-400 | Microsoft Information Protection Administrator
Add SC-900 | Microsoft Security, Compliance, and Identity Fundamentals

This chart uses two grids to draw the objects, one for the background (domain borders, title, and sub-domain shading) and one for the foreground (certification blocks).

The current code makes the chart align decently well at 1080p but uses vmax to resize to smaller or larger viewports. When resizing away from 1080p, the foreground objects sometimes overlap or underlap the background objects.

When adding new objects to the foreground, the foreground objects sometimes lose their alignment with the background and need to be tuned every update.

I noticed for Mile2 certs you have C)ISSM lower than C)ISSO which gives the impression that it is easier and I know that the difficulty is semi vague. However, I notice that Mile2 lists C)ISSM after C)ISSO making it seem like that is the progression they recommend.

https://www.mile2.com/information_systems_security_auditor_outline/

Same for C)ISSM and C)ISMS-LA/LI

https://www.mile2.com/cisms-la-li-outline/

C)CSA and C)TIA near the bottom as well when they are listed as more difficult certs

Review the Palo Alto certifications as they appear to have changed.

https://www.paloaltonetworks.com/services/education/certification

PCNSC, PCCSE, PCSAE, and PCCET

I just had to pass by and leave a comment this is stunning and that you are doing a great job!
Just though you could appreciate some sort of compliment for this awesome looking project you did. Do you know if there are other diagrams/maps/schematics of certifications on GitHub?

EC First has been recommended as a certifying agency. Review the certifications they offer and consider placement on the roadmap.

Add mosse institute certifications https://www.mosse-institute.com/certifications.html

• MCSF - Cloud Services Fundamentals
• MICS - Introduction to Cyber Security
• MNSE - Network Security Essentials
• MOIS - Certified OSINT Expert
• MRCI - Remote Cybersecurity Internship
• MSAF - System Administration Fundamentals
• MTCF - Technical Cybersecurity Fundamentals
• MASE - Certified Application Security Engineer
• MBT - Certified Blue Teamer
• MCL - Certified Cybersecurity Leader
• MCPT - Certified Cloud Penetration Tester
• MCSE - Certified Cloud Security Engineer
• MDFIR - Certified DFIR Specialist
• MESE - Certified Enterprise Security Engineer
• MGRC - Certified GRC Expert
• MPT - Certified Penetration Tester
• MRE - Certified Reverse Engineer
• MTH - Certified Threat Hunter
• MCD - Certified Code Deobfuscation Specialist
• MCPE - Certified Cyber Protection Expert
• MDSO - Certified DevSecOps Engineer
• MRT - Certified Red Teamer
• MTIA - Certified Threat Intelligence Analyst
• MVRE - Certified Vulnerability Researcher and Exploitation Specialist

I have received comments that PMI certifications (PgMP, PMP, and CAPM) are ranked too high for a cybersecurity roadmap. Some comments have suggested to remove project management certifications completely.

Review and place MITRE certifications if appropriate.

https://mitre-engenuity.org/mad/

Review the Certified Wireless Network Professional certifications for CWSP and CWNP and add to the chart as appropriate.

https://www.virtualhackinglabs.com/