cyber security certificates get a lot of attention and for good reason because earning the right certificate can lead to an interview which can lead to a high-paying long-term career in cyber security without needing an overpriced University degree so I'll be covering the best and worst cyber security certificates based on whether they can actually get you hired now the difference between recommendations on my channel and what you might see elsewhere is that advice on this channel actually help people land their first cyber security job at this point thousands have followed advice on this YouTube channel and managed to land their first cyber security job from across the world in fact I post success stories every single day therefore if you're serious about a career in cyber security then you need to pay attention to this video because I'm going to rank cyber security certificates in a tier list from s for super to F for fail and at the end I will Crown one cyber security certificate as the best of the best and one as the worst of the worst and my criteria for ranking is simply whether a certificate can lead to a job or not this can only happen if the certificate will provide you with Knowledge and Skills that organizations are looking for we will also be listing the pros and cons of each certificate but the true purpose of this video is that I want to teach you how to make informed decisions about cyber security training courses but I can't do that without about taking you on a journey about the evolution of cyber security training courses and certificates therefore I will divide the video in four parts part one is old school those were the first certificates that were introduced in the field like your compas and CCNA and cissp part two is the second generation this is when we started to see newer certificates like OSP and part three is the new generation these are certificates like the Google cyber security search let's defend try hack me hack the Box GC Mastery Blue Team level one and others and finally part four is when I will reveal the best of the best and the worst of the worst of cyber security certificates starting with the most popular and the oldest cyber security certificates which is part one old school we'll start with none other than your beloved coma now I remember when I was starting my career 20 years ago and I was interested in cyber security people told me that I needed to learn Unix and networking and I was learning from books and random online articles because that was the only thing that was available to me now even back then compa was a thing and I found out about compia Security Plus which was really exciting because it was kind of the only dedicated security training resource that was available to me at the time we didn't have YouTube or online courses like we do today so it was a different time but fast forward to today Security Plus is definitely not the only beginner friendly cyber security training however it still provides it's a good introduction to cyber security now before we rank it let's look at the pros and cons now the pros the first one is Security Plus is a good introduction to cyber security yes it's not going to give you any practical skill that you will use on the job but it will give you an important set of definition and general information about cyber security the second Pro is that I've seen beginers landar jobs using Security Plus now please don't confuse that with me saying that Security Plus is what got them the job that is not what I'm saying but what I witness is that some individuals when they start learning the comp Security Plus they get really into it and they pass the exam all of a sudden they have the confidence to start applying two jobs which naturally can lead to some interviews and sometimes all you need is just to show up to an interview and show that you're willing to learn so it's not the certificate that got them the job but it's the fact that they had the confidence to study and apply to jobs now the third main Pro is that if you're a US citizen and you want to work in the Department of Defense or anything under the Department of Defense then comp Security Plus is a requirement by DOD so it's something that you need to pass if you want to work there now if you're not a US citizen or you don't want to work in DOD then this doesn't matter to you as for the cons the first one is that the coma Security Plus is a multiple choice exam which is not a great way to learn a subject you'll end up needing to memorize a whole bunch of random things and that doesn't really translate well to the day to today task of a cyber security professional the second main con is the price the comp Security Plus exam alone will cost you $450 us that is just an exam you will probably need to pay the same for good quality training and the final con which is something I personally faced even 20 years ago which is that compa material are extremely boring in nature when I started to study for comp Security Plus I was so excited to finally get to focus in security but I got bored really really quick I wanted to learn hacking I wanted to learn practical things instead I found myself memorizing the names of ethernet cables this is definitely not why most of us get into cyber security to begin with now other than that honestly cont Security Plus is not a terrible starting point you will get good knowledge once you pass the coma Security Plus exam now with all of that in mind and putting compa Security Plus in context with all the newa and beta cyber security training that's available nowadays I would rank Security Plus as a c now as far as other comp certificates are concerned they have certificates like A+ Network plus sza plus Linux plus Cloud plus and whatever plus none of those certificates are good please don't waste time on them and I say that as someone who's guilty of wasting time and money throughout the years on comp certificates in fact I looked through my old email recently and I found an email I think in 2008 telling me that my comp storage plus was about to expire so trust me this is coming from someone who have done a lot of comps they are not worth it now speaking of old training providers the next one is one of the oldest training providers and one that I personally was obsessed with which is Cisco if you want to truly understand the cyber security industry then you have to understand the impact that Cisco had on not only the industry but on certification programs in general you see in the early 2000s we did not have titles that were dedicated to cyber security instead you either worked as a network engineer where you were responsible for the network or assistance engineer or assistance admin which is basically managing the servers that's what I used to do so security was part of our job that's how it evolved into what we refer to today as cyber security Now if you were a network engineer then Cisco was the king in terms of networking gear and certifications it was simply not possible to be a network engineer without things like CCNA ccmp and to an extent the legendary ccie however fast forward to today and I still see beginners confus network engineering with cyber security today these are two separate disciplines yes a cyber security professional needs a certain level of understanding of networking for some specific discipline not all of cyber security however for some reason to this day people still recommend networking certificates for aspiring cyber Security Professionals and unfortunately some of those those recommendations are coming from Network engineers and Company instructors who have never worked a day in their life in cyber security yet they claim to know about the cyber security industry which is absolutely ridiculous now with all that in mind Cisco as an organization has evolved they have cyber security products not a very good ones and they have cyber security training and certifications so they have the Cisco cyber analyst certificate and even recently they have an ethical hacking CA now looking at the pros of Cisco training and certifications the main Pro is that their new courses like the Cisco cyber security analyst and their ethical hacking course they are completely free so you can do the training and learn as much as you like for free so if you're shortterm money it could be a good start now as for the cons those free training courses are actually low in quality so this to me is the major disadvantage of Cisco cyber security training it's just long hours of low quality training unfortunately now the second corner of Cisco is that a lot of individuals are emotionally attached to Cisco therefore if I criticize Cisco so many people will simply attack me because they think with their feelings and I understand that you see Cisco is not just a company it's someone's entire career one of my close friends he started his career in Cisco 15 years ago he went and did his CCNA ccnp and ccie and he was one of the top architects in Cisco now he moved to another big company but for him Cisco was his entire career so I understand that some individuals are irrationally emotionally attached to Cisco so just be careful when you talk about Cisco because I've seen it happen in real time people get offended which is weird now as for the ranking of Cisco certificates if you want to be a network engineer then doing something like CCNA and ccnp are a no-brainer and Cisco will be definitely s up however if you want to work in cyber security then those certificates aren't really necessary but also their cyber security training as I alluded to earlier is unfortunately low in quality yes it's free but you get what you pay for therefore my rating for Cisco when it comes to strictly cyber security is a generous D now speaking of emotional attachment the next training provider has a cult like following which is none other than isc2 CSP cissp used to be one of the most popular cyber security certificates people who hold cissp love to tell you all about it and for a good reason because they've spent so much time and effort to study and pass the cissp exam now the cissp started to get popular I think around 2006 maybe until 2012 it peaked that's when it used to be the king of cyber security training and that's because at the time like I said cyber security wasn't really a well defined industry if you will so isc2 as an organization tried to come up with standard for what managing information security would look like and the cissp promised to be the training that would qualify you to be an information security manager they also had 5 years of requirements so if you want to become a cissp passing the exam alone wasn't enough you also needed 5 years of experience however as I will explain later those 5 years of experience are extremely questionable and the other reason for the popularity is that the cissp exam used to be on PayPal and it used to be long and hard it's online now and it's still challenging but it used to be a lot harder when it first started therefore it has managed to build a good reputation for that certificate now during that time I think between 2008 and 2010 my career was taken off I was a senior Unix security engineer and I was traveling all over the world working on some serious Unix and security projects but I was stuck in the mindset that if I had the skill I needed a piece of paper to verify and validate that I had that skill I was also young and insecure therefore I stuck a piece of paper on my wall and I wrote a list of certificates that I absolutely wanted to pass in order to prove myself I was extremely passionate about this field and I wanted to learn everything I also wanted people to love me I ended up doing the majority of the certificate on that list however I didn't do cissp that's because as I was getting promoted and I progressed to bigger roles I noticed that the majority of senior leaders not only didn't have cissp but they also didn't care for it anytime I was bringing up certifications I was either ignored or I got weird looks so I decided not to pursue it any further now let's look at the pros of cissp the first one is that if you pass the cissp exam this proves that you're someone who studies really hard it's not an easy exam to pass yes I'm not a huge fan of the content of the exam but it doesn't take away from your hard work and your tenacity that's second one is that the cissp introduces you to a broad range of topics now in the past that was a novelty it was one of the first certificates to talk about things like audit and risk management so those topics were fairly new to technical individuals the third one is that companies used to love seeing cissp on your resume now this has changed a little bit in recent times but generally speaking people still have a positive outlook for the cissp the fourth one is not really related to cisb but isc2 have this beginner certificate called certified in cyber security which we call isc2 CC it's free to do but I think you need to pay $50 to get the certificate it's not great in terms of knowledge but if you're short on money then you can simply start there now as for the cons of the cissp the first one is that the cissp was intended for the management of information security as I said The more senior I got in the past and even in recent days senior cyber security managers and Senior leaders and czos they simply don't have cissp and they don't care about it in fact the majority of them seem to have a negative view of the cissp even the ones who hold it I'm just the messenger here but what I'm trying to say is that it's not the ultimate cyber security Management training that it was intended for which brings me to the second con which is that the content of the cissp and the cissp exams don't really reflect the real world I know they try and I know they have committees in fact one of my friends is part of that committee and they meet up and they try to make the exam more real world like unfortunately it's extremely difficult to mimic cyber security problems into a multiple choice exam especially the way they word their questions is that they tried to trick you with grammar which in my opinion is a bit silly now again this doesn't take away from you if you studied hard and passed the exam I'm simply speaking about the exam for someone who's thinking about doing it now the third con is that as this CP is multiple choice exam and this applies to coma and the rest is that people worldwide they cheat to pass the exam unfortunately the questions and answers are out there on the internet and therefore organizations and professionals lost confidence in these exams because a lot of Bad actors they cheat and they ruin it for everyone else now if you're someone who likes to challenge yourself and do certifications by all means go for it just be aware that the reputation of those certificates have gone backwards because of some Bad actors the other con is that the 5 years of experience is not really strict I've seen people who faked that experience and some individuals have put really strange things into that experience and somehow they managed to qualify for that requirement therefore that 5 years of experience is Highly Questionable and the final con of the cissp is that a lot of individuals who have it especially beginners they become extremely arrogant trust me individuals with the biggest egos in the Cyber sec security IND this are usually beginners who tell me they have a bachelor of cyber security comp Security Plus and cissp now I have sympathy for them because once upon a time I was young naive and I had a big ego now if you take one thing from this video is that based on my experience I've never ever met an expert who had big ego only idiots have big ego and I know that because I was a massive idiot with a big ego so please learn from my mistakes a certificate alone will never make you an expert now with all that in mind if we want to rank the cissp my honest ranking is an extremely generous B now this is strictly for cisp if I look at other isc2 certificates like CC and their Cloud security cssp and their other random nonsense architecture certificates those are all tier F they are absolutely terrible they teach you nothing and they are an absolute waste of time and money and speaking of certificates that overpromise and under deliver the next certificate takes that Crown from for the certificate that promised the most and delivered nothing yet people still pay and do it it's EC Council certified ethical hacker you have no idea how excited I was when I heard the word certified ethical hacker I lost my mind are you telling me that you can be a qualified hacker and you can learn and get testing on hacking this was an extremely novel idea back in the day this is like telling a kid that they can be a superhero except I was the kid I was in my 20s and I really wanted to be a EUR but as you may have guessed I was so so disappointed looking at EC Council the pros is that somehow they got themselves to be a requirement for DOD through nothing but politics so again if you're American and you want to work in DOD then you probably need to do it now as for the cons the certificate itself doesn't teach you any hacking so the name itself is a false promise it's a multiple choice exam that will get you memorizing a random bunch of things that have nothing to do with hacking the second con is that the training and the certificate are way overpriced and you know what's funny on a weekly basis someone will join my Discord server and they will tell me that they have a special discount from EC Council and they ask whether it's worth it to do c well spoiler alert everyone gets that special discount it's just a scammy way to trick you into buying this lowquality useless training and the final con is that EC Council has other certificates like their forensic investigator and other pentest inerts unfortunately they're all equally bad don't bother with them with all that in mind the rating is an obvious and a solid F speaking of theoretical certificates that teach you nothing the next provider was in fact the first one to try to attempt to teach GC except we didn't really call it GC it was simply it Audits and risk and that provider is isaka they have three popular certificates which is cesa C risk and cism people who work in GC in the real world not on YouTube they will be more than familiar with them looking at the pros the main Pros is that like I said they were the first one to be targeted and specific to audit so cesa was traditionally listed for auditing jobs and C risk and cism are still listed for risk management jobs and even information security management jobs the second Advantage is that like I said if you work in GRC and you've got the knowledge and you're bored then you can entertain yourself by studying and doing isaka exams I personally had to do c risk and cism as part of my job in PWC because we had a government contract and they wanted Consultants who had those certificates I actually didn't even bother studying I just walked in and I did the exams and I passed them I don't recommend that because I found the exams to be really stupid and again they did not reflect the real world however there was some important knowledge in it that if you have Absol absolutely zero knowledge in audit or risk then they can give you something it's not the best but it was something especially back in the day which brings me to the cons as you may have guessed multiple choice exams are not a great way to learn a subject but especially with isaka a lot of the questions are worded in a very weird way that Frankly Speaking got me to question the person who wrote these questions and I know it's not one person I know it's a commity and I know they're trying their best however if you actually want to learn GRC and contrary to what a legit GRC expert tell you online you don't need to do all of these random random GRC stuff instead you need to learn GLC once and then you need to work on your knowledge of regulations of business requirements and yes you need to have some technical understanding as well as for the second Con in my opinion it's the price isaka have a requirement where you need to pay an annual fee to renew your status as a certified isaka professional I think cissp has it and a lot of certifications have it I think this is a scam and it's nothing but a money grab in fact I decided to stop paying for ISAC a few years ago and law and behold they revoked my certificates and guess what happened I watched the knowledge leave my body as they revoke the certificates now with all that in mind just like the cissp if you've worked hard to get your isaca certificates then I'm not taking away anything from your hard work in fact you have nothing but my respect and appreciation however if I was to be partial and rate isaka certificates then my honest rating is a very generous day now with all this talk about low quality training what if I told you then even back then there was a legendary cyber security training provider that had extremely great quality cyber security training and Rockstar cyber security instructors and they still do to this day it's the Sans Institute and by association their jaak certificates Sans training is usually 5 days long where you get lectures and books and then you have I think 4 months to study and pass a jaak exam now back then when sand started they had rock stars in the information security community that were teaching these courses and the quality was insanely high in fact they were the first ones to have proper blue teaming and incident response and digital forensic training courses they were setting the standards for so many things that we do today in the cyber security world I still use the Sans methodology for incident response for example the jaak certificates that you get after passing the exam are also highly respected because the value was never the certificate but the fact that in order to get the certificate you needed to do a high quality science training so there was some sort of guarantee that you at least have attended good quality training which is a very smart idea now as for the pros I've already mentioned them the material is topnotch they were the first one to curate nice material that was really really applicable to the world so much so that as I said they became the standard for so many processes that we still use in cyber security today whether you're aware of it or not a lot of the things that you do as a cyber security professional came from Sans and Sans instructors however there are some major Cons with the S Institute the first one being the price the training courses used to cost $5,000 for the 5 days training course but that was in the past today I think there are 6,500 us D which is really overpriced and simply not affordable for so many people now for context back in the day we all had to save up and invest in science training because it was simply the only way available to us to learn things like incident response digital forensics and some Niche penetration testing topics but today you guys are spoiled for choice now the second major con with stands is that a lot of the great instructors have left and their current process of hiring instructors is pretty bad in fact I personally have had bad experience with them but I'm not going to go through that because it's not really important for this video which brings me to the rating honestly Sans has always been traditionally an S tier cyber security provider and it makes me sad to see them regress in recent years and I say that as someone who has four jaak certificates I'm going to put them on the screen but unfortunately as I said there are equally good if not better cyber security courses nowadays that you can do for a fraction of the cost not only that but the decline in quality of s's instructors is really concerning therefore with all of that in mind sand is not going to be S tier instead they're going to be rated as tier a now as far as Improvement the cyber security industry was set to undergo massive improvements we started to happen with the introduction of new cyber security training providers which brings me to the second part of this video part two second generation but before we get to that I want to thank the sponsor of this video know it pass business now did you know that the average number of passwords used for business related accounts is 87 which is absolutely insane and unmanageable however you can manage it with nor pass business which is an intuitive password manages for business and individuals not only that but a huge cyber security risk is usually offboarding users after they left a business because research has shown that one in four employees can still access their business account mons long after they left a company which is a huge security risk however with North pass business you can manage user access efficiently with a streamline onboarding and offboarding process that can help you easily manage user credentials which also gives you the chance to track your corporate data under a single pain of glass research has also shown that on average it takes a business 121 days to identify a data breach which is insane however with the data breach notification Fe feature with the north pass you can easily change passwords that were compromised before any damage is done but best of all you can get 3 months free to try not pass and they've given us an exclusive deal of 20% discount which is crazy to access it go to notp pass.com / Unix guy and use the activation code Unix guy it's a limited time offer only and back to the video starting with the first provider of the Next Generation which is offensive security with their famous SCP offensive Security started as penetration testing with backtrack Linux which evolves to what you guys know today as C Linux and the ocp now OSP is not a generic cyber security certificate it's a focused training and certificate for penetration testing which is just one aspect of cyber security however what offensive security did is that they brought Hands-On live exam environments where you get tested on your practical skills this was not new to the IT world but it was relatively new to the cyber security world in the IT world we had exams like Cisco ccie but we also had exams like redhe hat certified engineer which I've passed long time ago and just saying the name brought back so many memories but that's a topic for another video now as for the pros of the ocp like I said it's a practical Hands-On training which means you cannot pass without demonstrating efficiency in the practical skills that looks a lot like what we do in the real world this was a huge leap from things like compa and C the second con is that the price is a lot cheaper than Sans training because Sans training was the only provider that had good quality penetration testing training so ocp was definitely a GameChanger now I know there are cheaper stuff today however I still think the price of OSP is relatively reasonable as for the cons of oscp the biggest one in my opinion is that the training course is not properly structured they have the Mantra that says try harder which on the surface sounds reasonable as hackers and cyber Security Professionals we want to try harder however in this context of the training I think it's just an excuse for their lazy training a training course should provide you with all the information that you need to learn a subject and pass an exam you don't do a training course to spend hours upon hours of Googling random nonsense this defeats the purpose the second con of ocp is that offensive security as an organization was recently acquired by a private Equity Firm so did your beloved compa by the way so they started to introduce things like ocp plus and they've raised their prices and also they introduced a whole bunch of random nonsense training that honestly doesn't make any sense I think they should just stick to their OSP because that's what they're good at now with all that in mind the OSP in my books is still a solid s tier certificate it gives you exactly what's promised and it does it in a really good way however as of today there are much much better high quality penetration testing courses that does what the ocp is promising and they deliver it in a much better way therefore I'm going to move the ocp from s tier to a tier now as the cyber security industry continued to evolve something really exciting happened another organization followed the footsteps of offensive security and they started another practical Hands-On training organization it used to be called Elan security but most of you will know them as in I remember when they first started he name was Armando he was from Italy and he used to go to internet forums and talk about his certificates I think I was among the first people to try so many of their courses they were later acquired by another company and now they are called in their popular certificates are ejpt and ecpp on the penetration testing side but they also have fantastic incident response and digital forensic courses alongside so many other specialized cyber security courses as for the pros they are practical Hands-On training that mimics the real world and the training courses are well structured and they give you everything you need to pass the exams unlike offensive security the other Advantage is that they are reasonably priced as for the cons honestly I can't think of any I think they are a solid solid training provider therefore as you may have guessed my rating of INE is a solid SD you simply can't go wrong with in now before we continue and move on to the newer cyber security training and certificates there are two extremely important training providers that you simply cannot Escape if you want to work in cyber security which are Microsoft Azure cloud and the Amazon AWS Cloud they are literally everywhere and if someone tells you that AWS is better than Azure or Azure is better than AWS just don't listen to any word that comes out of their mouth because they don't know what they're talking about every environment will have some sort of a Microsoft and Amazon AWS presence but not only that once you learn one platform the other one becomes so easy to learn because they're both extremely similar now here I'm talking strictly about their Cloud security certificates which is Amazon AWS security specialty and Microsoft azour security engineer associate this also includes their other Cloud certifications because they're all relevant to you as a cyber security professional as for the Pros both AWS and azua are extremely relevant to the market like I said if you work in cyber security you have to be familiar with these Cloud platforms the second Pro is that there is so much training out there that can teach you Microsoft AZ and Amazon AWS yes I'm aware some of it is not high quality but still it's available and it gets the job done as for the cons I find that their exams are again multiple choice which I'm not a fan of however at least the things you tested on are relevant to the day-to-day tasks of a cyber security professional therefore my honest rating of Amazon AWS and Microsoft Azure when it comes strictly to cyber security is tier a they are extremely important for you if you want to work in cyber security now before we jump to part three which is the new generation of cyber security training there is one final training provider that deserves an honor mention because they've been around for a very long time and that is UD me now I wish I had positive things to say about udimi but when it comes to cyber security I'm just not a fan with udimi the only attraction is that they are extremely cheap but as you may have guessed you get what you pay for in my 20 years of experience I haven't met a single individual who spent their time learning from you to me and got anyway what ends up happening is that people think they're saving money and they spend it on all these cheap uni classes that are filled with fluff and long hours of nonsense and as a result they never finish them and they never learn anything so as you can see as for the pros for unimi they have one pro which is that they're probably the cheapest training provider out there however the cons of yudi is that you get what you pay for which is extremely low quality cyber security training therefore my honest rating of fudi is a well-deserved F tier when it comes to cyber security which brings me to the most exciting part of this video which is part three the new generation if you're watching this video video and you want to start a career in cyber security and you don't have a degree then this is the single best time in history to embark on this journey there is an abundance of high quality training courses that are reasonably priced that can get you from zero all the way to Landing your cyber security job which is a huge novelty you cannot appreciate that unless you've been through what I've been through in the past the hacker Community was not really friendly they used to make fun of you they used to be really aggressive and they just didn't like helping however today the information is simply out there now the training providers that I want to rate in no particular order for blue teaming or sock we have let's defend cyber Defenders try hack me hack the box and Blue Team level one and level two for offensive security we have again hack the box and try hack me but we also have TCM security and zero point security for GC we have GRC Mastery and for a basic broad introduction to cyber security we have the Google cyber security SE now I know what some of you might be thinking which is which one is the best which one should I choose and I'll get to that in a bit but first the pros of all these courses combined is number one they are all fully practical and Hands-On training which means they give you skills that we use on the job this is crucial because this will give you the confidence to apply to cyber security jobs and when you get to an interview you'll actually be able to answer the questions that you'll ask which is what eventually leads you to a cyber security job and the second Pro is that they are all reasonably priced and I'm comparing them with your compas and your Sams and your cissp I think these courses are more than reasonably priced something that again a lot of you don't appreciate because you haven't seen where we came from as for the cons honestly the main con is that individuals seems to get confused on which platform is the best in my opinion they are all great pick one platform and run with it to the end the single biggest mistake that I see when it comes to this platform is that someone will pick something like hack the box for example and they will do all the free Capture the Flag challenges and they never manage to get to do all of their intermediate and advanced level training and certifications this is where the real value is at it's not on those capture the flag and free challenges so make sure that whatever you pick do it to the end and get to their intermediate and advanced level certifications and courses the second con is GRC related the is this myth online that to learn GRC you need so many hours and hours of training GRC itself is not rocket science once you get the knowledge of GRC which you can get in GRC Mastery you need to move on and improve your technical knowledge even if you only want to work in GC having technical knowledge will make you a much better GRC professional chasing those random classes and random Frameworks is not how you learn GC once you do GC Mastery you're meant to move to Hands-On practice tactical training like the ones I mentioned earlier now if you're looking for a deep dive in these individual courses I talk about them in so many of my videos I highly recommend you start with this one and work your way to the rest of the videos now as for the ranking I'm not going to rank them individually instead I will rank them as a group as a solid sta these are simply how cyber security training is supposed to be you simply can't go wrong with these courses which brings me to the big reveal part four the best and the worst cyber security certificate now there is no shortage of bad cyber security training and I could go on and on for hours about it however there is a certain group of cyber security training that more than deserve to be the worst of the worst they are not new unfortunately and they are still thriving to this day and these are collectively called cyber security boot camps I'm not going to name a boot camp individually because they are all absolute garbage if you look at the pros of cyber security boot camps then unfortunately there is no advantage to paying thousands and thousands of dollars to learn watered down pointless compa training that you can do buy yourself for a couple of hundred as for the cons there are so many the first thing is they promise you that you will get a job at the end of it this is simply not true no one can promise you a job at the end of any training course that's not how the process works the second con is that they charge thousands and thousands of dollars in fact some of them charge the upwards of $20,000 which is an absolute scam and the third one is they use scammy techniques to get you to purchase their boot camp so they'll get you to go on a free webinar and on that webinar they'll have fake people signing up to that boot camp and at the end of it they will pressure you and tell you that there is a special discount that you can only access if you purchase in the next 5 minutes this is a scam no reputable organization will ever do that they also have salese that call you and follow up with you to pressure you to buy again none of the reputable organizations that I mentioned earlier in this video engage in this Shady Behavior another coin is that they always seem to have some kind of a special discount going on again this is just designed to make you feel that you're saving money when in fact you're just wasting money on a scam and finally even universities now have their own boot camps which are equally bad and equally overpriced if a boot camp is run out of a university it is still crap and I never recommend them now as for rating collectively they will be crowned worst of the worst now I'm not going to put names of boot camps instead I'm going to use this picture of me because people have a bad habit of screenshotting my tier list and posting it randomly on LinkedIn without any context so this will hopefully prevent them from doing so now as for the best of the best of cyber security certificates if I was to pick one to be Crown the absolute best cyber security certificate which one is it going to be are you ready well unfortunately I cannot pick one there is no single best cyber security certificate instead all of the certificates that I mentioned in the new generational certificates they're all collectively are the best of the best because the idea is for you to do one or more of these certificates so you can grow your skills do well in interviews and not only land your first cyber security job but progress later to more senior roles now the single biggest mistake that I see with tier List's video is that people treat it like a road mapap this is not a road map video if you want a progressive road map where where I create a list of courses that you can do progressively that will lead you to a cyber security job then this is the video that I recommend you watch but you need to watch it until the end and actually do what I recommend there check it out and I'll see you there