Cybersecurity Certification Roadmap

Your guide to top certifications, aligned with DoD 8140 work roles. Filter by provider, level, or role, or click any cert for details.

Common Certification Paths (DoD 8140 Aligned)

Use these common paths as a guide. This list is now aligned with DoD 8140 proficiency levels (Basic, Intermediate, Advanced) and work roles.

  1. Budget-Friendly Path: For those on a budget, the CompTIA ecosystem is the most cost-effective. Security+ alone qualifies for 20+ Basic/Intermediate 8140 roles.
    Path: Security+ → CySA+ / PenTest+ → CASP+
  2. Cyber Defense (Blue Team): For roles like "Cyber Defense Analyst [511]" or "Incident Responder [531]".
    Path: Security+ → CySA+ / Cisco CyberOps / GSEC → GCIH / GCFA
  3. Offensive Ops (Red Team): For roles like "Exploitation Analyst [121]" or "Vulnerability Assessment Analyst [541]".
    Path: Security+ → PenTest+ / GPEN → OSCP
  4. Management & GRC: For roles like "Information Systems Security Manager (ISSM) [722]" or "Security Control Assessor [612]".
    Path: Security+ → CGRC / CISA → CISSP / CISM

Many professionals, even outside of government work, find the DoD 8140 framework to be one of the most well-researched, publicly available guides for mapping certifications to specific industry work roles.

Provider:
Level:
DoD 8140 Role:
(ISC)² Certified in Cybersecurity (CC)
(ISC)² Basic
Free*
CompTIA A+
CompTIA Basic
$246 (x2)*
CompTIA Network+
CompTIA Basic
$358
CompTIA Linux+
CompTIA Basic
$358
CompTIA Security+
CompTIA Basic
$425
Microsoft Certified: Security... (SC-900)
Cloud & Platform Basic
$99
(ISC)² SSCP
(ISC)² Intermediate
$249
(ISC)² CGRC
(ISC)² Intermediate
$599
Cisco Certified CyberOps Associate
Cloud & Platform Intermediate
$300
CompTIA Cloud+
Cloud & Platform Intermediate
$358
Microsoft Certified: Security... (SC-200)
Cloud & Platform Intermediate
$165
Microsoft Certified: Identity... (SC-300)
Cloud & Platform Intermediate
$165
GIAC Security Essentials (GSEC)
GIAC Intermediate
See Notes*
CompTIA CySA+
CompTIA Intermediate
$425
CompTIA PenTest+
CompTIA Intermediate
$425
ISACA CISA
ISACA Advanced
$575 / $760*
ISACA CISM
ISACA Advanced
$575 / $760*
ISACA CRISC
ISACA Advanced
$575 / $760*
ISACA CGEIT
ISACA Advanced
$575 / $760*
(ISC)² CCSP
(ISC)² Advanced
$599
(ISC)² CSSLP
(ISC)² Advanced
$599
Microsoft Certified: Azure Security... (AZ-500)
Cloud & Platform Advanced
$165
AWS Certified Security - Specialty
Cloud & Platform Advanced
$300
Google Cloud Certified: Professional...
Cloud & Platform Advanced
$200
Microsoft Certified: Cybersecurity... (SC-100)
Cloud & Platform Advanced
$165*
Cisco CCNP Security
Cloud & Platform Advanced
$400 + $300*
GIAC Certified Incident Handler (GCIH)
GIAC Advanced
See Notes*
GIAC Certified Intrusion Analyst (GCIA)
GIAC Advanced
See Notes*
GIAC Certified Penetration Tester (GPEN)
GIAC Advanced
See Notes*
GIAC Web Application Penetration Tester (GWAPT)
GIAC Advanced
See Notes*
GIAC Certified Forensic Analyst (GCFA)
GIAC Advanced
See Notes*
GIAC Certified Forensic Examiner (GCFE)
GIAC Advanced
See Notes*
GIAC Reverse Engineering Malware (GREM)
GIAC Advanced
See Notes*
Offensive Security OSCP
OffSec Advanced
$1,749*
GIAC Exploit Researcher... (GXPN)
GIAC Advanced
See Notes*
CompTIA SecurityX (CASP+)
CompTIA Advanced
$494
(ISC)² CISSP
(ISC)² Advanced
$749
(ISC)² ISSAP (CISSP Concentration)
(ISC)² Advanced
$599
(ISC)² ISSEP (CISSP Concentration)
(ISC)² Advanced
$599
(ISC)² ISSMP (CISSP Concentration)
(ISC)² Advanced
$599
GIAC Security Expert (GSE)
GIAC Advanced
Varies*

A Note on GIAC & SANS Pricing

The prices listed for GIAC certifications are for the exam attempt only. GIAC exams are open-book and designed to be taken after completing their associated SANS training courses, which cost several thousand dollars (e.g., $8,000+).

It's very challenging, but possible, to "challenge" the exam without the course. SANS also offers a Work Study Program (assisting at courses for a deep discount) and scholarship academies that can significantly reduce or cover these costs.