I am basing this list off of what I’ve seen in online Digital Forensics and Incident Response job postings.
I’ve seen these certifications requested only for Incident Response roles that involve digital forensics:
- CompTIA: Security+ (This is the minimum certification requirement I’ve seen for Entry Level Incident Response Analysts)
- CompTIA: CySA+ (Cybersecurity Analyst)
- Cisco: CCNA Cyber Ops
- EC-Council: Certified Ethical Hacker (CEH)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Reverse Engineering Malware (GREM)
I’ve seen these certifications requested in both Digital Forensics (law enforcement/specialist) and Incident Response roles that involve digital forensics:
- EC-Council: Certified Forensic Hacking Investigator (CHFI)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Forensic Examiner (GCFE)
- EnCase Certified Examiner (EnCE)
- Certified Computer Examiner (CCE)
- Certified Forensic Computer Examiner (CFCE)
Many of these certifications are part of the DoD Approved 8570 Baseline Certifications
AboutDFIR has a large list of certifications and training.
There is also a list of lesser-known DFIR certifications with training included for under $1,000. Many of them are practical hands-on certifications.