Your Guide to Essential EC-Council Certifications Mapped to the European Cybersecurity Skills Framework (ECSF)

What is the European Cybersecurity Skills Framework (ECSF)?

The European Cybersecurity Skills Framework (ECSF) is a framework created by ENISA—the European Union Agency for Cybersecurity—whose main focus is to unify cybersecurity job roles, skills, and competencies across Europe. Its purpose is to mitigate the cybersecurity skills gap by providing a common language for professionals, trainers, and employers.

Certifications Aligned with ECSF Standards

In alignment with the European Cybersecurity Skills Framework (ECSF), EC-Council offers targeted certifications and training programs that empower professionals with essential skills, and knowledge required for the most in-demand cybersecurity roles across Europe. By mapping our globally recognized certifications—such as the Certified Penetration Testing Professional (C|PENT), Certified Chief Information Security Officer (C|CISO), Certified Network Defender (C|ND), and Computer Hacking Forensic Investigator (C|HFI), among others—to the ECSF, we provide a clear pathway for individuals and organizations to understand how our certifications prepare professionals for roles within the ECSF framework. 

This page serves as a comprehensive guide for learners, recruiters, and employers alike. Discover which EC-Council certifications best align with ECSF roles and learn how our training programs support career growth, enhance cybersecurity expertise, and meet industry standards. Whether you’re an entry-level professional or a seasoned leader aiming for roles like Cybersecurity Analyst, Penetration Tester, or Chief Information Security Officer, our certifications are designed to help you reach your career aspirations and fulfill the competencies outlined in the ECSF. 

Learn more

EC-Council Certifications Mapped to the European Cybersecurity Skills Framework

Job Profile Titles

EC-Council Programs 

Chief Information Security Officer (CISO) 

cciso logo

Certified Chief Information Security Officer (C|CISO)

Cyber Incident Responder 

ECIH@2x-1
EC-Council Certified Incident Handler (E|CIH)

Cyber Legal, Policy & Compliance Officer 

cciso logo
Certified Chief Information Security Officer (C|CISO)

Cyber Threat Intelligence Specialist 

Threat Intelligence Certification
Certified Threat Intelligence Analyst (C|TIA)

Cybersecurity Implementer 

Certified network defender (CND)
Certified Network Defender (C|ND) 

Digital Forensics Investigator

CHFI certification Logo
Computer Hacking Forensic Investigator (C|HFI) 

Penetration Tester 

CPENT Logo
Certified Penetration Testing Professional (C|PENT)

EC-Council Certifications Mapped to the European Cybersecurity Skills Framework

Job Profile Titles

EC-Council Programs 

Chief Information Security Officer (CISO) 

Certified Chief Information Security Officer (C|CISO)

Cyber Incident Responder 

EC-Council Certified Incident Handler (E|CIH)

Cyber Legal, Policy & Compliance Officer 

Certified Chief Information Security Officer (C|CISO)

Cyber Threat Intelligence Specialist 

Threat Intelligence Certification
Certified Threat Intelligence Analyst (C|TIA)

Cybersecurity Implementer 

Certified network defender (CND)
Certified Network Defender (C|ND) 

Digital Forensics Investigator

Computer Hacking Forensic Investigator (C|HFI) 

Penetration Tester 

CPENT Logo
Certified Penetration Testing Professional (C|PENT)

Chief Information Security Officer (CISO) 

Cybersecurity Program Director, Information Security Officer (ISO), Information Security Manager, Head of Information Security IT/ICT & Security Officer 

Manages an organization’s cybersecurity strategy and its implementation to ensure that digital systems, services, and assets are adequately secure and protected. 

Mission

Defines, maintains, and communicates the cybersecurity vision, strategy, policies, and procedures. Manages the implementation of the cybersecurity policy across the organization. Ensures information exchange with external authorities and professional bodies.

Deliverable(s) 

  • Cybersecurity Strategy
  • Cybersecurity Policy

What is covered in EC-Council’s Certified Chief Information Security Officer (C|CISO)

Main Task (s)

Covered

C|CISO Domains

Define, implement, communicate, and maintain cybersecurity goals, requirements, strategies, and policies, aligned with the business strategy to support organizational objectives.

Yes

Domain 01, 03, 04, 05

Prepare and present the cybersecurity vision, strategies, and policies for approval by senior management, ensuring their execution.

Yes

Domain 01, 03, 04, 05

Supervise the application and improvement of the Information Security Management System (ISMS).

Yes

Domain 01, 03, 04, 05

Educate senior management about cybersecurity risks, threats, and their potential impact on the organization.

Yes

Domain 01

Ensure senior management approves the organization’s cybersecurity risks.

Yes

Domain 01

Develop comprehensive cybersecurity plans.

Yes

Domain 01, 05

Build relationships with cybersecurity-related authorities and communities.

No

Report cybersecurity incidents, risks, and findings to senior management.

Yes

Domain 03

Monitor advancements in cybersecurity.

No

Secure resources to implement the cybersecurity strategy effectively.

Yes

Domain 03, 05

Negotiate the cybersecurity budget with senior management.

Yes

Domain 03, 05

Ensure the organization’s resilience to cyber incidents.

Yes

Domain 03

Manage continuous capacity building within the organization.

No

Review, plan and allocate appropriate cybersecurity resources.

Yes

Domain 03

Learn more

Key Skill (s)

Covered

C|CISO Domains

CISO Key Skill – TAB

Yes

Domain 01, 03

Analyze and implement cybersecurity policies, certifications, standards, methodologies, and frameworks.

Yes

Domain 01

Analyze and comply with cybersecurity-related laws, regulations, and legislation.

Yes

Domain 01

Implement cybersecurity recommendations and best practices.

Yes

Domain 01–05

Manage cybersecurity resources effectively.

Yes

Domain 03

Develop, champion, and lead the execution of a cybersecurity strategy.

Yes

Domain 01, 03, 05

Influence and strengthen an organization’s cybersecurity culture.

No

Design, apply, monitor, and review the Information Security Management System (ISMS), either directly or by leading its outsourcing.

Yes

Domain 01–05

Review and enhance security documents, reports, and SLAs, ensuring alignment with security objectives.

Yes

Domain 03, 05

Identify and resolve cybersecurity-related issues.

Yes

Domain 03, 04

Establish and oversee a comprehensive cybersecurity plan.

Yes

Domain 01, 05

Communicate, coordinate, and cooperate with internal and external stakeholders.

Yes

Domain 03, 05

Anticipate and adapt to required changes in the organization’s information security strategy, formulating new plans as necessary.

Yes

Domain 01, 03, 05

Define and apply maturity models for cybersecurity management.

No

Anticipate cybersecurity threats, organizational needs, and upcoming challenges.

Yes

Domain 03, 04

Motivate and encourage team members.

No

Apply now

Key knowledge

Covered

C|CISO Domains

Cybersecurity policies

Yes

Domain 01, 04

Cybersecurity standards, methodologies, and frameworks

Yes

Domain 01, 02, 04

Cybersecurity recommendations and best practices

Yes

Domain 01–05

Cybersecurity-related laws, regulations, and legislation

Yes

Domain 01, 02

Cybersecurity-related certifications

Yes

Domain 03

Ethical cybersecurity organization requirements

Yes

Domain 02, 03

Cybersecurity maturity models

Yes

Domain 01–05

Cybersecurity procedures

Yes

Domain 01–05

Resource management

Yes

Domain 05

Management practices

Yes

Domain 01–05

Risk management standards, methodologies, and frameworks

Yes

Domain 01

Apply now

Cybersecurity Program Director, Information Security Officer (ISO), Information Security Manager, Head of Information Security IT/ICT & Security Officer 

Manages an organization’s cybersecurity strategy and its implementation to ensure that digital systems, services, and assets are adequately secure and protected. 

Mission

Defines, maintains, and communicates the cybersecurity vision, strategy, policies, and procedures. Manages the implementation of the cybersecurity policy across the organization. Ensures information exchange with external authorities and professional bodies.

Deliverable(s) 

  • Cybersecurity Strategy
  • Cybersecurity Policy

What is covered in EC-Council’s Certified Chief Information Security Officer (C|CISO)

Main Task (s)

Covered

C|CISO Domains

Define, implement, communicate, and maintain cybersecurity goals, requirements, strategies, and policies, aligned with the business strategy to support organizational objectives.

Yes

Domain 01, 03, 04, 05

Prepare and present the cybersecurity vision, strategies, and policies for approval by senior management, ensuring their execution.

Yes

Domain 01, 03, 04, 05

Supervise the application and improvement of the Information Security Management System (ISMS).

Yes

Domain 01, 03, 04, 05

Educate senior management about cybersecurity risks, threats, and their potential impact on the organization.

Yes

Domain 01

Ensure senior management approves the organization’s cybersecurity risks.

Yes

Domain 01

Develop comprehensive cybersecurity plans.

Yes

Domain 01, 05

Build relationships with cybersecurity-related authorities and communities.

No

Report cybersecurity incidents, risks, and findings to senior management.

Yes

Domain 03

Monitor advancements in cybersecurity.

No

Secure resources to implement the cybersecurity strategy effectively.

Yes

Domain 03, 05

Negotiate the cybersecurity budget with senior management.

Yes

Domain 03, 05

Ensure the organization’s resilience to cyber incidents.

Yes

Domain 03

Manage continuous capacity building within the organization.

No

Review, plan and allocate appropriate cybersecurity resources.

Yes

Domain 03

Learn more

Key Skill (s)

Covered

C|CISO Domains

CISO Key Skill – TAB

Yes

Domain 01, 03

Analyze and implement cybersecurity policies, certifications, standards, methodologies, and frameworks.

Yes

Domain 01

Analyze and comply with cybersecurity-related laws, regulations, and legislation.

Yes

Domain 01

Implement cybersecurity recommendations and best practices.

Yes

Domain 01–05

Manage cybersecurity resources effectively.

Yes

Domain 03

Develop, champion, and lead the execution of a cybersecurity strategy.

Yes

Domain 01, 03, 05

Influence and strengthen an organization’s cybersecurity culture.

No

Design, apply, monitor, and review the Information Security Management System (ISMS), either directly or by leading its outsourcing.

Yes

Domain 01–05

Review and enhance security documents, reports, and SLAs, ensuring alignment with security objectives.

Yes

Domain 03, 05

Identify and resolve cybersecurity-related issues.

Yes

Domain 03, 04

Establish and oversee a comprehensive cybersecurity plan.

Yes

Domain 01, 05

Communicate, coordinate, and cooperate with internal and external stakeholders.

Yes

Domain 03, 05

Anticipate and adapt to required changes in the organization’s information security strategy, formulating new plans as necessary.

Yes

Domain 01, 03, 05

Define and apply maturity models for cybersecurity management.

No

Anticipate cybersecurity threats, organizational needs, and upcoming challenges.

Yes

Domain 03, 04

Motivate and encourage team members.

No

Apply now

Key knowledge

Covered

C|CISO Domains

Cybersecurity policies

Yes

Domain 01, 04

Cybersecurity standards, methodologies, and frameworks

Yes

Domain 01, 02, 04

Cybersecurity recommendations and best practices

Yes

Domain 01–05

Cybersecurity-related laws, regulations, and legislation

Yes

Domain 01, 02

Cybersecurity-related certifications

Yes

Domain 03

Ethical cybersecurity organization requirements

Yes

Domain 02, 03

Cybersecurity maturity models

Yes

Domain 01–05

Cybersecurity procedures

Yes

Domain 01–05

Resource management

Yes

Domain 05

Management practices

Yes

Domain 01–05

Risk management standards, methodologies, and frameworks

Yes

Domain 01

Apply now

Cyber Incident Responder

Cyber Incident Handler Cyber Crisis Expert Incident Response Engineer Security Operations Center (SOC) Analyst Cyber Fighter/Defender Cybersecurity SIEM Manager

Monitor the organization’s cybersecurity posture, manage incidents during cyberattacks, and ensure the continued operation of ICT systems.

Mission

Monitors and assesses the cybersecurity state of systems. Analyzes, evaluates, and mitigates the impact of cybersecurity incidents. Identifies the root cause of cyber incidents and malicious actors. Restores the functionality of systems and processes to an operational state in accordance with the organization’s Incident Response Plan while collecting evidence and documenting actions taken.

Deliverable(s) 

  • Incident Response Plan
  • Cyber Incident Report

What is covered in EC-Council’s Certified Incident Handler (E|CIH)

Main Task (s)

Covered

E|CIH Modules

Contribute to the development, maintenance, and assessment of the Incident Response Plan.

Yes

Module 02–09

Develop, implement, and assess procedures related to incident handling.

Yes

Module 01–09

Identify, analyze, mitigate, and communicate cybersecurity incidents.

Yes

Module 02–09

Assess and manage technical vulnerabilities.

Yes

Module 03–09

Measure the effectiveness of cybersecurity incident detection and response.

Yes

Module 02–09

Evaluate the resilience of the cybersecurity controls and mitigation actions taken after a cybersecurity or data breach incident.

Yes

Module 03–09

Adopt and develop incident handling testing techniques.

Yes

Module 03–09

Establish procedures for incident results analysis and incident handling reporting.

Yes

Module 01

Document the results of incident analysis and actions taken for incident handling.

No

Cooperate with Secure Operation Centers (SOCs) and Computer Security Incident Response Teams (CSIRTs).

No

Work with key personnel to report security incidents in accordance with the applicable legal framework.

No

Learn more

Key Skill (s)

Covered

E|CIH Modules

Practice all technical, functional, and operational aspects of cybersecurity incident handling and response.

Yes

Module 01–09

Collect, analyze, and correlate cyberthreat information originating from multiple sources.

Yes

Module 01–09

Work with operating systems, servers, clouds, and relevant infrastructures.

Yes

Module 01–09

Perform effectively under pressure.

No

Communicate, present, and report to relevant stakeholders.

No

Manage and analyze log files.

Yes

Module 04–09

Apply now

Key knowledge

Covered

E|CIH Modules

Incident handling standards, methodologies, and frameworks

Yes

Module 01–02

Incident handling recommendations and best practices

Yes

Module 01–09

Incident handling tools

Yes

Module 02–09

Incident handling communication procedures

No

Operating systems security

No

Computer network security

No

Cyberthreats

Yes

Module 01

Cybersecurity attack procedures

No

Computer systems vulnerabilities

Yes

Module 01

Cybersecurity-related certifications

No

Cybersecurity-related laws, regulations, and legislation

Yes

Module 01

Security Operation Centers (SOCs)

No

Computer Security Incident Response Teams (CSIRTs) operations

No

Apply now

Cyber Incident Handler Cyber Crisis Expert Incident Response Engineer Security Operations Center (SOC) Analyst Cyber Fighter/Defender Cybersecurity SIEM Manager

Monitor the organization’s cybersecurity posture, manage incidents during cyberattacks, and ensure the continued operation of ICT systems.

Mission

Monitors and assesses the cybersecurity state of systems. Analyzes, evaluates, and mitigates the impact of cybersecurity incidents. Identifies the root cause of cyber incidents and malicious actors. Restores the functionality of systems and processes to an operational state in accordance with the organization’s Incident Response Plan while collecting evidence and documenting actions taken.

Deliverable(s) 

  • Incident Response Plan
  • Cyber Incident Report

What is covered in EC-Council’s Certified Incident Handler (E|CIH)

Main Task (s)

Covered

E|CIH Modules

Contribute to the development, maintenance, and assessment of the Incident Response Plan.

Yes

Module 02–09

Develop, implement, and assess procedures related to incident handling.

Yes

Module 01–09

Identify, analyze, mitigate, and communicate cybersecurity incidents.

Yes

Module 02–09

Assess and manage technical vulnerabilities.

Yes

Module 03–09

Measure the effectiveness of cybersecurity incident detection and response.

Yes

Module 02–09

Evaluate the resilience of the cybersecurity controls and mitigation actions taken after a cybersecurity or data breach incident.

Yes

Module 03–09

Adopt and develop incident handling testing techniques.

Yes

Module 03–09

Establish procedures for incident results analysis and incident handling reporting.

Yes

Module 01

Document the results of incident analysis and actions taken for incident handling.

No

Cooperate with Secure Operation Centers (SOCs) and Computer Security Incident Response Teams (CSIRTs).

No

Work with key personnel to report security incidents in accordance with the applicable legal framework.

No

Learn more

Key Skill (s)

Covered

E|CIH Modules

Practice all technical, functional, and operational aspects of cybersecurity incident handling and response.

Yes

Module 01–09

Collect, analyze, and correlate cyberthreat information originating from multiple sources.

Yes

Module 01–09

Work with operating systems, servers, clouds, and relevant infrastructures.

Yes

Module 01–09

Perform effectively under pressure.

No

Communicate, present, and report to relevant stakeholders.

No

Manage and analyze log files.

Yes

Module 04–09

Apply now

Key knowledge

Covered

E|CIH Modules

Incident handling standards, methodologies, and frameworks

Yes

Module 01–02

Incident handling recommendations and best practices

Yes

Module 01–09

Incident handling tools

Yes

Module 02–09

Incident handling communication procedures

No

Operating systems security

No

Computer network security

No

Cyberthreats

Yes

Module 01

Cybersecurity attack procedures

No

Computer systems vulnerabilities

Yes

Module 01

Cybersecurity-related certifications

No

Cybersecurity-related laws, regulations, and legislation

Yes

Module 01

Security Operation Centers (SOCs)

No

Computer Security Incident Response Teams (CSIRTs) operations

No

Apply now

Cyber Legal, Policy & Compliance Officer

Data Protection Officer (DPO) Privacy Protection Officer Cyber Law Consultant Cyber Legal Advisor Information Governance Officer Data Compliance Officer Cybersecurity Legal Officer IT/ICT Compliance Manager Governance, Risk, and Compliance (GRC) Consultant.

Manages compliance with cybersecurity-related standards, as well as legal and regulatory frameworks, in alignment with the organization’s strategy and legal requirements.

Mission

Oversees and ensures compliance with cybersecurity- and data-related legal and regulatory frameworks, as well as policies, in alignment with the organization’s strategy and legal requirements. Contributes to the organization’s data protection initiatives. Provides legal advice for the development of the organization’s cybersecurity governance processes and recommends remediation strategies/solutions to ensure compliance.

Deliverable(s) 

  • Compliance Manual
  • Compliance Report

What is covered in EC-Council’s Certified Chief Information Security Officer Program

Main Task (s)

Covered

C|CISO Domains

Ensure compliance with, and provide legal advice and guidance on, data privacy and data protection standards, laws, and regulations.

Yes

Domain 01

Identify and document compliance gaps.

Yes

Domain 01

Conduct privacy impact assessments and develop, maintain, communicate, and provide training on privacy policies and procedures.

No

Enforce and advocate for the organization’s data privacy and protection program.

No

Ensure that data owners, holders, controllers, processors, subjects, and internal or external partners and entities are informed about their data protection rights, obligations, and responsibilities.

No

Act as a key contact point for handling queries and complaints regarding data processing.

No

Assist in designing, implementing, auditing, and conducting compliance testing activities to ensure cybersecurity and privacy compliance.

Yes

Domain 01

Monitor audits and data protection-related training activities.

No

Cooperate and share information with authorities and professional groups.

No

Contribute to the development of the organization’s cybersecurity strategy, policy, and procedures.

Yes

Domain 01, 03, 04, 05

Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization.

No

Manage the legal aspects of information security responsibilities and third-party relations.

Yes

Domain 01

Learn more

Key Skill (s)

Covered

C|CISO Domains

Develop a comprehensive understanding of the business strategy, models, and products, and integrate legal and regulatory standards and requirements accordingly.

Yes

Domain 01, 03, 04, 05

Apply practical data protection and privacy measures involved in the implementation of organizational processes, financial activities, and business strategies.

No

Lead the development of appropriate cybersecurity and privacy policies and procedures that align with business needs and legal requirements; ensure their acceptance, comprehension, implementation, and effective communication among all involved parties.

Yes

Domain 01

Conduct, monitor, and review privacy impact assessments using standards, frameworks, recognized methodologies, and tools.

No

Explain and communicate data protection and privacy topics to stakeholders and users.

No

Understand, practice, and adhere to ethical requirements and standards.

No

Access the implications of legal framework modifications on the organization’s cybersecurity and data protection strategy and policies.

Yes

Domain 01, 03, 04, 05

Collaborate effectively with other team members and colleagues.

No

Apply now

Key knowledge

Covered

C|CISO Domains

Cybersecurity-related laws, regulations, and legislation

Yes

Domain 01, 02

Cybersecurity standards, methodologies, and frameworks

Yes

Domain 01, 02, 04

Cybersecurity policies

Yes

Domain 01, 04

Legal, regulatory, and legislative compliance requirements, recommendations, and best practices

Yes

Domain 01

Privacy impact assessment standards, methodologies, and frameworks

No

Apply now

Data Protection Officer (DPO) Privacy Protection Officer Cyber Law Consultant Cyber Legal Advisor Information Governance Officer Data Compliance Officer Cybersecurity Legal Officer IT/ICT Compliance Manager Governance, Risk, and Compliance (GRC) Consultant.

Manages compliance with cybersecurity-related standards, as well as legal and regulatory frameworks, in alignment with the organization’s strategy and legal requirements.

Mission

Oversees and ensures compliance with cybersecurity- and data-related legal and regulatory frameworks, as well as policies, in alignment with the organization’s strategy and legal requirements. Contributes to the organization’s data protection initiatives. Provides legal advice for the development of the organization’s cybersecurity governance processes and recommends remediation strategies/solutions to ensure compliance.

Deliverable(s) 

  • Compliance Manual
  • Compliance Report

What is covered in EC-Council’s Certified Chief Information Security Officer Program

Main Task (s)

Covered

C|CISO Domains

Ensure compliance with, and provide legal advice and guidance on, data privacy and data protection standards, laws, and regulations.

Yes

Domain 01

Identify and document compliance gaps.

Yes

Domain 01

Conduct privacy impact assessments and develop, maintain, communicate, and provide training on privacy policies and procedures.

No

Enforce and advocate for the organization’s data privacy and protection program.

No

Ensure that data owners, holders, controllers, processors, subjects, and internal or external partners and entities are informed about their data protection rights, obligations, and responsibilities.

No

Act as a key contact point for handling queries and complaints regarding data processing.

No

Assist in designing, implementing, auditing, and conducting compliance testing activities to ensure cybersecurity and privacy compliance.

Yes

Domain 01

Monitor audits and data protection-related training activities.

No

Cooperate and share information with authorities and professional groups.

No

Contribute to the development of the organization’s cybersecurity strategy, policy, and procedures.

Yes

Domain 01, 03, 04, 05

Develop and propose staff awareness training to achieve compliance and foster a culture of data protection within the organization.

No

Manage the legal aspects of information security responsibilities and third-party relations.

Yes

Domain 01

Learn more

Key Skill (s)

Covered

C|CISO Domains

Develop a comprehensive understanding of the business strategy, models, and products, and integrate legal and regulatory standards and requirements accordingly.

Yes

Domain 01, 03, 04, 05

Apply practical data protection and privacy measures involved in the implementation of organizational processes, financial activities, and business strategies.

No

Lead the development of appropriate cybersecurity and privacy policies and procedures that align with business needs and legal requirements; ensure their acceptance, comprehension, implementation, and effective communication among all involved parties.

Yes

Domain 01

Conduct, monitor, and review privacy impact assessments using standards, frameworks, recognized methodologies, and tools.

No

Explain and communicate data protection and privacy topics to stakeholders and users.

No

Understand, practice, and adhere to ethical requirements and standards.

No

Access the implications of legal framework modifications on the organization’s cybersecurity and data protection strategy and policies.

Yes

Domain 01, 03, 04, 05

Collaborate effectively with other team members and colleagues.

No

Apply now

Key knowledge

Covered

C|CISO Domains

Cybersecurity-related laws, regulations, and legislation

Yes

Domain 01, 02

Cybersecurity standards, methodologies, and frameworks

Yes

Domain 01, 02, 04

Cybersecurity policies

Yes

Domain 01, 04

Legal, regulatory, and legislative compliance requirements, recommendations, and best practices

Yes

Domain 01

Privacy impact assessment standards, methodologies, and frameworks

No

Apply now

Cyber Threat Intelligence Specialist

Cyber Intelligence Analyst Cyber Threat Modeler

Collect, process, and analyze data and information to produce actionable intelligence reports and disseminate them to target stakeholders.

Mission

Manages the cyber threat intelligence (CTI) lifecycle, including the collection of cyberthreat information, analysis, production of actionable intelligence, and dissemination to security stakeholders and the CTI community at tactical, operational, and strategic levels. Identifies and monitors the Tactics, Techniques and Procedures (TTPs) used by cyberthreat actors, tracks their activities, analyzes trends, and observes how non-cyber events may influence cyber-related actions.

Deliverable(s) 

  • Cyber Threat Intelligence Manual
  • Cyber Threat Report

What is covered in EC-Council’s Certified Threat Intelligence Analyst (C|TIA) program

Main Task (s)

Covered

C|TIA Modules

Develop, implement, and manage the organization’s cyberthreat intelligence strategy.

Yes

Module 01–06

Create plans and procedures to manage threat intelligence effectively.

Yes

Module 03

Translate business requirements into actionable intelligence requirements.

Yes

Module 03

Implement threat intelligence processes, including collection, analysis, production of actionable intelligence, and dissemination to security stakeholders.

Yes

Module 03–06

Identify and assess cyberthreat actors targeting the organization.

Yes

Module 02–04

Identify, monitor, and evaluate the Tactics, Techniques and Procedures (TTPs) used by cyberthreat actors by analyzing open-source and proprietary data, information, and intelligence.

Yes

Module 02, 04

Produce actionable reports based on threat intelligence data.

Yes

Module 06

Develop and advise on mitigation plans at the tactical, operational, and strategic levels.

Yes

Module 01–06

Coordinate with stakeholders to share and consume intelligence on relevant cyberthreats.

Yes

Module 03, 06

Leverage intelligence data to support threat modeling, recommend risk mitigation strategies, and facilitate cyberthreat hunting efforts.

Yes

Module 05

Articulate and communicate intelligence clearly at all levels, including publicly when required.

Yes

Module 06

Effectively convey security severity by explaining risk exposure and its consequences to non-technical stakeholders.

No

Learn more

Key Skill (s)

Covered

C|TIA Modules

Collaborate with team members and colleagues.

Yes

Module 03

Collect, analyze and correlate cyberthreat information from multiple sources.

Yes

Module 04–06

Identify threat actors, TTPs (Tactics, Techniques, and Procedures), and campaigns.

Yes

Module 02–05

Automate threat intelligence management procedures.

Yes

Module 01–06

Conduct technical analysis and reporting.

Yes

Module 04–06

Identify non-cyber events with implications for cyber-related activities.

No

Model threats, actors and TTPs.

Yes

Module 02

Communicate, coordinate, and cooperate with internal and external stakeholders.

Yes

Module 03

Communicate, present, and report findings to relevant stakeholders.

Yes

Module 03, 06

Use and apply cyber threat intelligence (CTI) platforms and tools.

Yes

Module 01–06

Apply now

Key knowledge

Covered

C|TIA Modules

Operating systems security

No

Computer network security

No

Cybersecurity controls and solutions

No

Computer programming

No

Cyber threat intelligence (CTI) sharing standards, methodologies, and frameworks

Yes

Module 01, 03, 06

Responsible information disclosure procedures

Yes

Module 03, 06

Cross-domain and border-domain knowledge related to cybersecurity

No

Cyberthreats

Yes

Module 02

Cyberthreat actors

Yes

Module 02

Cybersecurity attack procedures

Yes

Module 02

Advanced Persistent Threats (APTs)

Yes

Module 02

Threat actors’ Tactics, Techniques and Procedures (TTPs)

Yes

Module 02

Cybersecurity-related certifications

No

Apply now

Cyber Intelligence Analyst Cyber Threat Modeler

Collect, process, and analyze data and information to produce actionable intelligence reports and disseminate them to target stakeholders.

Mission

Manages the cyber threat intelligence (CTI) lifecycle, including the collection of cyberthreat information, analysis, production of actionable intelligence, and dissemination to security stakeholders and the CTI community at tactical, operational, and strategic levels. Identifies and monitors the Tactics, Techniques and Procedures (TTPs) used by cyberthreat actors, tracks their activities, analyzes trends, and observes how non-cyber events may influence cyber-related actions.

Deliverable(s) 

  • Cyber Threat Intelligence Manual
  • Cyber Threat Report

What is covered in EC-Council’s Certified Threat Intelligence Analyst (C|TIA) program

Main Task (s)

Covered

C|TIA Modules

Develop, implement, and manage the organization’s cyberthreat intelligence strategy.

Yes

Module 01–06

Create plans and procedures to manage threat intelligence effectively.

Yes

Module 03

Translate business requirements into actionable intelligence requirements.

Yes

Module 03

Implement threat intelligence processes, including collection, analysis, production of actionable intelligence, and dissemination to security stakeholders.

Yes

Module 03–06

Identify and assess cyberthreat actors targeting the organization.

Yes

Module 02–04

Identify, monitor, and evaluate the Tactics, Techniques and Procedures (TTPs) used by cyberthreat actors by analyzing open-source and proprietary data, information, and intelligence.

Yes

Module 02, 04

Produce actionable reports based on threat intelligence data.

Yes

Module 06

Develop and advise on mitigation plans at the tactical, operational, and strategic levels.

Yes

Module 01–06

Coordinate with stakeholders to share and consume intelligence on relevant cyberthreats.

Yes

Module 03, 06

Leverage intelligence data to support threat modeling, recommend risk mitigation strategies, and facilitate cyberthreat hunting efforts.

Yes

Module 05

Articulate and communicate intelligence clearly at all levels, including publicly when required.

Yes

Module 06

Effectively convey security severity by explaining risk exposure and its consequences to non-technical stakeholders.

No

Learn more

Key Skill (s)

Covered

C|TIA Modules

Collaborate with team members and colleagues.

Yes

Module 03

Collect, analyze and correlate cyberthreat information from multiple sources.

Yes

Module 04–06

Identify threat actors, TTPs (Tactics, Techniques, and Procedures), and campaigns.

Yes

Module 02–05

Automate threat intelligence management procedures.

Yes

Module 01–06

Conduct technical analysis and reporting.

Yes

Module 04–06

Identify non-cyber events with implications for cyber-related activities.

No

Model threats, actors and TTPs.

Yes

Module 02

Communicate, coordinate, and cooperate with internal and external stakeholders.

Yes

Module 03

Communicate, present, and report findings to relevant stakeholders.

Yes

Module 03, 06

Use and apply cyber threat intelligence (CTI) platforms and tools.

Yes

Module 01–06

Apply now

Key knowledge

Covered

C|TIA Modules

Operating systems security

No

Computer network security

No

Cybersecurity controls and solutions

No

Computer programming

No

Cyber threat intelligence (CTI) sharing standards, methodologies, and frameworks

Yes

Module 01, 03, 06

Responsible information disclosure procedures

Yes

Module 03, 06

Cross-domain and border-domain knowledge related to cybersecurity

No

Cyberthreats

Yes

Module 02

Cyberthreat actors

Yes

Module 02

Cybersecurity attack procedures

Yes

Module 02

Advanced Persistent Threats (APTs)

Yes

Module 02

Threat actors’ Tactics, Techniques and Procedures (TTPs)

Yes

Module 02

Cybersecurity-related certifications

No

Apply now

Cybersecurity Implementer

Information Security Implementer Cybersecurity Solutions Expert Cybersecurity Developer Cybersecurity Engineer Development, Security, & Operations (DevSecOps) Engineer

Develop, deploy, and operate cybersecurity solutions (systems, assets, software, controls, and services) across infrastructures and products.

Mission

Provides cybersecurity-related technical development, integration, testing, implementation, operation, maintenance, monitoring, and support of cybersecurity solutions. Ensures adherence to specifications and conformance requirements, assures sound performance, and resolves technical issues in the organization’s cybersecurity-related solutions (systems, assets, software, controls, and services), infrastructures and products.

Deliverable(s) 

  • Cybersecurity Solutions

What is covered in EC-Council’s Certified Network Defender (C|ND) program

Main Task (s)

Covered

C|ND Modules

Develop, implement, maintain, upgrade, and test cybersecurity products.

Yes

Module 01–20

Provide cybersecurity-related support to users and customers.

No

Integrate cybersecurity solutions and ensure their sound operation.

Yes

Module 03–13

Securely configure systems, services, and products.

Yes

Module 03–13

Maintain and upgrade the security of systems, services, and products.

Yes

Module 03–13

Implement cybersecurity procedures and controls.

Yes

Module 01–20

Monitor and assess the performance of implemented cybersecurity controls.

Yes

Module 14, 15

Document and report on the security of systems, services, and products.

No

Collaborate with the IT/OT personnel on cybersecurity-related actions.

No

Implement, apply, and manage patches for products to address technical vulnerabilities.

Yes

Module 06, 07

Learn more

Key Skill (s)

Covered

C|ND Modules

Communicate, present, and report to relevant stakeholders.

Yes

Module 16

Integrate cybersecurity solutions into the organization’s infrastructure.

Yes

Module 01–20

Configure solutions in alignment with the organization’s security policies.

Yes

Module 02–13

Assess the security and performance of implemented solutions.

Yes

Module 04–13,14 18, 19

Develop code, scripts, and programs.

No

Identify and resolve cybersecurity-related issues.

Yes

Module 02–20

Collaborate with other team members and colleagues

No

Apply now

Key knowledge

Covered

C|ND Modules

Secure development lifecycle

No

Computer programming

No

Operating systems security

Yes

Module 06, 07

Computer network security

Yes

Module 01–20

Cybersecurity controls and solutions

Yes

Module 01–20

Offensive and defensive security practices

Yes

Module 01–20

Secure coding recommendations and best practices

No

Cybersecurity recommendations and best practices

Yes

Module 01–20

Testing standards, methodologies, and frameworks

No

Testing procedures

No

Cybersecurity-related technologies

Yes

Module 01–20

Apply now

Information Security Implementer Cybersecurity Solutions Expert Cybersecurity Developer Cybersecurity Engineer Development, Security, & Operations (DevSecOps) Engineer

Develop, deploy, and operate cybersecurity solutions (systems, assets, software, controls, and services) across infrastructures and products.

Mission

Provides cybersecurity-related technical development, integration, testing, implementation, operation, maintenance, monitoring, and support of cybersecurity solutions. Ensures adherence to specifications and conformance requirements, assures sound performance, and resolves technical issues in the organization’s cybersecurity-related solutions (systems, assets, software, controls, and services), infrastructures and products.

Deliverable(s) 

  • Cybersecurity Solutions

What is covered in EC-Council’s Certified Network Defender (C|ND) program

Main Task (s)

Covered

C|ND Modules

Develop, implement, maintain, upgrade, and test cybersecurity products.

Yes

Module 01–20

Provide cybersecurity-related support to users and customers.

No

Integrate cybersecurity solutions and ensure their sound operation.

Yes

Module 03–13

Securely configure systems, services, and products.

Yes

Module 03–13

Maintain and upgrade the security of systems, services, and products.

Yes

Module 03–13

Implement cybersecurity procedures and controls.

Yes

Module 01–20

Monitor and assess the performance of implemented cybersecurity controls.

Yes

Module 14, 15

Document and report on the security of systems, services, and products.

No

Collaborate with the IT/OT personnel on cybersecurity-related actions.

No

Implement, apply, and manage patches for products to address technical vulnerabilities.

Yes

Module 06, 07

Learn more

Key Skill (s)

Covered

C|ND Modules

Communicate, present, and report to relevant stakeholders.

Yes

Module 16

Integrate cybersecurity solutions into the organization’s infrastructure.

Yes

Module 01–20

Configure solutions in alignment with the organization’s security policies.

Yes

Module 02–13

Assess the security and performance of implemented solutions.

Yes

Module 04–13,14 18, 19

Develop code, scripts, and programs.

No

Identify and resolve cybersecurity-related issues.

Yes

Module 02–20

Collaborate with other team members and colleagues

No

Apply now

Key knowledge

Covered

C|ND Modules

Secure development lifecycle

No

Computer programming

No

Operating systems security

Yes

Module 06, 07

Computer network security

Yes

Module 01–20

Cybersecurity controls and solutions

Yes

Module 01–20

Offensive and defensive security practices

Yes

Module 01–20

Secure coding recommendations and best practices

No

Cybersecurity recommendations and best practices

Yes

Module 01–20

Testing standards, methodologies, and frameworks

No

Testing procedures

No

Cybersecurity-related technologies

Yes

Module 01–20

Apply now

Digital Forensics Investigator

Digital Forensics Analyst Cybersecurity & Forensic Specialist Computer Forensics Consultant

Ensure the cybercriminal investigation reveals all digital evidence necessary to prove the malicious activity.

Mission

Connects artifacts to natural persons and captures, recovers, identifies, and preserves data, including manifestations, inputs, outputs, and processes of digital systems under investigation. Provides analysis, reconstruction, and interpretation of digital evidence based on a qualitative opinion. Presents an unbiased qualitative view without interpreting the resultant findings.

Deliverable(s) 

  • Digital Forensics Analysis Results
  • Electronic Evidence

What is covered in EC-Council’s Computer Hacking Forensics Investigator (C|HFI) Certification

Main Task (s)

Covered

C|HFI Modules

Develop digital forensics investigation policies, plans, and procedures.

Yes

Module 01, 02

Identify, recover, extract, document, and analyze digital evidence.

Yes

Module 01–16

Preserve and protect digital evidence, ensuring it is available to authorized stakeholders.

Yes

Module 01–16

Inspect environments for evidence of unauthorized and unlawful actions.

Yes

Module 02

Systematically and deterministically document, report, and present digital forensic analysis findings and results.

Yes

Module 01, 02

Select and customize forensics testing, analysis, and reporting techniques.

Yes

Module 03–16

Learn more

Key Skill (s)

Covered

C|HFI Modules

Work ethically and independently, without influence or bias from internal or external actors.

Yes

Module 01

Collect information while ensuring its integrity is preserved.

Yes

Module 01–16

Identify, analyze, and correlate cybersecurity events.

Yes

Module 03–16

Explain and present digital evidence in a simple, straightforward, and easy-to-understand manner.

Yes

Module 01, 02

Develop and communicate detailed and well-reasoned investigation reports.

No

Apply now

Key knowledge

Covered

C|HFI Modules

Digital forensics recommendations and best practices

Yes

Module 01–16

Digital forensics standards, methodologies, and frameworks

Yes

Module 01–16

Digital forensics analysis procedures

Yes

Module 02–16

Testing procedures

No

Criminal investigation procedures, standards, methodologies, and frameworks

Yes

Module 01–16

Cybersecurity-related laws, regulations, and legislation

Yes

Module 01

Malware analysis tools

Yes

Module 06, 07, 08, 14

Cyberthreats

No

Computer systems vulnerabilities

No

Cybersecurity attack procedures

No

Operating systems security

No

Computer network security

No

Cybersecurity-related certifications

No

Apply now

Digital Forensics Analyst Cybersecurity & Forensic Specialist Computer Forensics Consultant

Ensure the cybercriminal investigation reveals all digital evidence necessary to prove the malicious activity.

Mission

Connects artifacts to natural persons and captures, recovers, identifies, and preserves data, including manifestations, inputs, outputs, and processes of digital systems under investigation. Provides analysis, reconstruction, and interpretation of digital evidence based on a qualitative opinion. Presents an unbiased qualitative view without interpreting the resultant findings.

Deliverable(s) 

  • Digital Forensics Analysis Results
  • Electronic Evidence

What is covered in EC-Council’s Computer Hacking Forensics Investigator (C|HFI) Certification

Main Task (s)

Covered

C|HFI Modules

Develop digital forensics investigation policies, plans, and procedures.

Yes

Module 01, 02

Identify, recover, extract, document, and analyze digital evidence.

Yes

Module 01–16

Preserve and protect digital evidence, ensuring it is available to authorized stakeholders.

Yes

Module 01–16

Inspect environments for evidence of unauthorized and unlawful actions.

Yes

Module 02

Systematically and deterministically document, report, and present digital forensic analysis findings and results.

Yes

Module 01, 02

Select and customize forensics testing, analysis, and reporting techniques.

Yes

Module 03–16

Learn more

Key Skill (s)

Covered

C|HFI Modules

Work ethically and independently, without influence or bias from internal or external actors.

Yes

Module 01

Collect information while ensuring its integrity is preserved.

Yes

Module 01–16

Identify, analyze, and correlate cybersecurity events.

Yes

Module 03–16

Explain and present digital evidence in a simple, straightforward, and easy-to-understand manner.

Yes

Module 01, 02

Develop and communicate detailed and well-reasoned investigation reports.

No

Apply now

Key knowledge

Covered

C|HFI Modules

Digital forensics recommendations and best practices

Yes

Module 01–16

Digital forensics standards, methodologies, and frameworks

Yes

Module 01–16

Digital forensics analysis procedures

Yes

Module 02–16

Testing procedures

No

Criminal investigation procedures, standards, methodologies, and frameworks

Yes

Module 01–16

Cybersecurity-related laws, regulations, and legislation

Yes

Module 01

Malware analysis tools

Yes

Module 06, 07, 08, 14

Cyberthreats

No

Computer systems vulnerabilities

No

Cybersecurity attack procedures

No

Operating systems security

No

Computer network security

No

Cybersecurity-related certifications

No

Apply now

Penetration Tester

Pen Tester Ethical Hacker Vulnerability Analyst Cybersecurity Tester Offensive Cybersecurity Expert Defensive Cybersecurity Expert Red Team Expert Red Teamer

Assess the effectiveness of security controls, reveal and exploit cybersecurity vulnerabilities, and evaluate their criticality if exploited by threat actors.

Mission

Plans, designs, implements, and executes penetration testing activities and attack scenarios to evaluate the effectiveness of deployed or planned security measures. Identifies vulnerabilities or weaknesses in technical and organizational controls that impact confidentiality, integrity, and availability of ICT products (e.g., systems, hardware, software, and services).

Deliverable(s) 

  • Vulnerability Assessment Results Report
  • Penetration Testing Report

What is covered in EC-Council’s Certified Ethical Hacking (C|EH) and Certified Penetration Testing Professional (C|PENT) Certification

Main Task (s)

Covered

C|PENT Modules

C|EH Modules

Identify, analyze, and assess technical and organizational cybersecurity vulnerabilities.

Yes

Module 03–13

Module 02–20

Identify attack vectors, uncover, and demonstrate the exploitation of technical cybersecurity vulnerabilities.

Yes

Module 03–13

Module 02– 20

Test systems and operations for compliance with regulatory standards.

Yes

Appendix A

Select and develop appropriate penetration testing techniques.

Yes

Module 01–13

Module 02– 20

Organize test plans and procedures for penetration testing.

Yes

Module 01–13

Establish procedures for analyzing and reporting penetration testing results

Yes

Module 02, 14

Document and report penetration testing results to stakeholders.

Yes

Module 02, 14

Deploy penetration testing tools and test programs.

Yes

Module 03–13

Module 02–20

Learn more

Key skill(s)

Covered

C|PENT Modules

C|EH Modules

Develop codes, scripts, and programs.

Yes

Appendix D–H

Perform social engineering activities.

Yes

Module 04

Module 09

Identify and exploit vulnerabilities.

Yes

Module 03–13, Appendix B–K

Module 02–20

Conduct ethical hacking.

Yes

Appendix L

Module 01– 20

Think creatively and outside the box.

No

Module 01–14

Identify and solve cybersecurity-related issues.

Yes

Module 01–14, Appendix A–L

Module 01– 20

Communicate, present, and report findings to relevant stakeholders.

Yes

Module 02, 14

Use penetration testing tools effectively.

Yes

Module 03–13, Appendix B–K

Module 02– 20

Conduct technical analysis and reporting.

Yes

Module 02, 14

Module 02– 20

Decompose and analyze systems to identify weaknesses and ineffective controls.

Yes

Module 03–13, Appendix B–K

Module 02– 20

Review codes to assess their security.

Yes

Module 08, 13, Appendix A

Apply now

Key knowledge

Covered

C|PENT Modules

C|EH Modules

Cybersecurity attack procedures

No

Module 03–13

Module 02– 20

Information technology (IT) and Operational Technology (OT) appliances

No

Module 10, 11

Module 18

Offensive and defensive security procedures

No

Module 03–13

Module 02–20

Operating systems security

Yes

Appendix A

Module 06, 07

Computer network security

Yes

Appendix A

Module 08, 10, 11, 12

Penetration testing procedures

Yes

Module 02–14

Penetration testing standards, methodologies, and frameworks

Yes

Module 01

Penetration testing tools

Yes

Module 03–13, Appendix B–K

Module 02– 20

Computer programming

No

Computer system vulnerabilities

No

Module 03–13

Module 03– 20

Cybersecurity recommendations and best practices

No

Module 03–13

Module 01– 20

Cybersecurity-related certifications

No

Apply now

Pen Tester Ethical Hacker Vulnerability Analyst Cybersecurity Tester Offensive Cybersecurity Expert Defensive Cybersecurity Expert Red Team Expert Red Teamer

Assess the effectiveness of security controls, reveal and exploit cybersecurity vulnerabilities, and evaluate their criticality if exploited by threat actors.

Mission

Plans, designs, implements, and executes penetration testing activities and attack scenarios to evaluate the effectiveness of deployed or planned security measures. Identifies vulnerabilities or weaknesses in technical and organizational controls that impact confidentiality, integrity, and availability of ICT products (e.g., systems, hardware, software, and services).

Deliverable(s) 

  • Vulnerability Assessment Results Report
  • Penetration Testing Report

What is covered in EC-Council’s Certified Ethical Hacking (C|EH) and Certified Penetration Testing Professional (C|PENT) Certification

Main Task (s)

Covered

C|PENT Modules

C|EH Modules

Identify, analyze, and assess technical and organizational cybersecurity vulnerabilities.

Yes

Module 03–13

Module 02–20

Identify attack vectors, uncover, and demonstrate the exploitation of technical cybersecurity vulnerabilities.

Yes

Module 03–13

Module 02– 20

Test systems and operations for compliance with regulatory standards.

Yes

Appendix A

Select and develop appropriate penetration testing techniques.

Yes

Module 01–13

Module 02– 20

Organize test plans and procedures for penetration testing.

Yes

Module 01–13

Establish procedures for analyzing and reporting penetration testing results

Yes

Module 02, 14

Document and report penetration testing results to stakeholders.

Yes

Module 02, 14

Deploy penetration testing tools and test programs.

Yes

Module 03–13

Module 02–20

Learn more

Key skill(s)

Covered

C|PENT Modules

C|EH Modules

Develop codes, scripts, and programs.

Yes

Appendix D–H

Perform social engineering activities.

Yes

Module 04

Module 09

Identify and exploit vulnerabilities.

Yes

Module 03–13, Appendix B–K

Module 02–20

Conduct ethical hacking.

Yes

Appendix L

Module 01– 20

Think creatively and outside the box.

No

Module 01–14

Identify and solve cybersecurity-related issues.

Yes

Module 01–14, Appendix A–L

Module 01– 20

Communicate, present, and report findings to relevant stakeholders.

Yes

Module 02, 14

Use penetration testing tools effectively.

Yes

Module 03–13, Appendix B–K

Module 02– 20

Conduct technical analysis and reporting.

Yes

Module 02, 14

Module 02– 20

Decompose and analyze systems to identify weaknesses and ineffective controls.

Yes

Module 03–13, Appendix B–K

Module 02– 20

Review codes to assess their security.

Yes

Module 08, 13, Appendix A

Apply now

Key knowledge

Covered

C|PENT Modules

C|EH Modules

Cybersecurity attack procedures

No

Module 03–13

Module 02– 20

Information technology (IT) and Operational Technology (OT) appliances

No

Module 10, 11

Module 18

Offensive and defensive security procedures

No

Module 03–13

Module 02–20

Operating systems security

Yes

Appendix A

Module 06, 07

Computer network security

Yes

Appendix A

Module 08, 10, 11, 12

Penetration testing procedures

Yes

Module 02–14

Penetration testing standards, methodologies, and frameworks

Yes

Module 01

Penetration testing tools

Yes

Module 03–13, Appendix B–K

Module 02– 20

Computer programming

No

Computer system vulnerabilities

No

Module 03–13

Module 03– 20

Cybersecurity recommendations and best practices

No

Module 03–13

Module 01– 20

Cybersecurity-related certifications

No

Apply now

Accreditations and Recognitions

EC-Council is recommended and endorsed by leading organizations and government bodies in the cybersecurity industry.

American Council on Education

American Council on Education

The American Council on Education (ACE) is a membership organization that leads higher education with a united vision for the future.

Anab Logo

ANSI National Accreditation board

ANAB, the ANSI National Accreditation Board, provides accreditation services in over 75 countries and is the largest accreditation body in N. America.

Army Credentialing Assistance Logo

Army Credentialing Assistance

Helps Army Soldiers with full tuition and exam cost coverage for IT, cybersecurity and project management certifications.

National Initiative for Cybersecurity Education

National Initiative for Cybersecurity Education

A partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development.