Building the future of cyber security certifications with employers and experts.
At TryHackMe, we set out to build the most job-relevant cyber security certifications in the world, designed with employers, tested by industry experts, and built to mirror the real-world challenges professionals face on the job.
Our journey with professional certifications started with Security Analyst Level 1 (SAL1), built over 13 months. We spoke to hundreds of hiring managers, security analysts, industry experts, Fortune 500 companies, ran workshops, mentorship programs and beta tests with the support and guidance of our 30-person in-house content engineering team.
We embedded ourselves inside real security operations centers, sat down with managers from Accenture, Salesforce, and JustEat, and listened to the pain points on both sides of the hiring table. These sessions weren’t just feedback loops — they were co-creation opportunities. We took the best of real SOCs, red team operations, and cloud security practice, and baked that into every scenario and assessment.
What we heard was clear: candidates were earning certifications but still struggling to get hired. Employers weren’t just looking for knowledge, they were looking for capability. A mindset. Practical experience. And a signal they could trust. With SAL1, we set the foundation for the professional certificates that we believe the industry, and our users need the most.
The knowledge, insights, and success gained from SAL1 directly shaped the development of our second professional certification, the TryHackMe Junior Penetration Tester (PT1) Exam. This entry-level, hands-on offensive security certification was designed to showcase real-world adversarial thinking and validate practical offensive skills through a 48-hour, full-engagement and industry-ready assessment.
"With PT1, our goal was to create an exam that reflects what you’ll actually face in a real-world penetration test, not just another CTF. We put a tremendous amount of effort into shaping each section of the exam, covering AppSec, NetSec, and Active Directory, to align with what junior pentesters will encounter in their first roles. A particular focus was placed on AppSec, where we see the highest demand for offensive security talent. This isn’t just about proving technical skill, it’s about demonstrating job readiness in a realistic, end-to-end engagement."
Tinus Green, Head of Consultancy at MWR CyberSec & Sr Content Engineer at TryHackMe
That’s why we built every TryHackMe certification: not just to test knowledge, but to prove job readiness.
From entry-level defenders to penetration testers, each certification was co-designed with industry professionals to replicate the decisions, stress, and technical depth required on the job. We built a virtual SOC simulator, designed adversarial threat emulations, and created practical environments where candidates don’t just answer questions — they solve real problems.
The results? Individuals who prove they can investigate alerts, write reports, escalate incidents, exploit vulnerabilities, and defend against them — all within rigorous, hands-on labs assessed by subject matter experts.
Built by Industry Experts
Our in-house content engineering team, made up of experienced professionals with over 100 years of collective industry experience, build all of the assessment (and training) material. They’ve worked the roles these certifications prepare people for: analysts, penetration testers, engineers and managers. They know what good looks like because they’ve been there.
It’s important to note that we’re not new to this. TryHackMe is the world’s largest cyber security training platform. Over the past six years, we’ve trained more than four million users, from complete beginners to seasoned professionals.
We’ve developed thousands of training labs for governments, the largest security teams in the world, schools, students and everything in between. This deep experience in cyber security education means that designing the best assessment process was a natural step — we know exactly what skills are needed at each level, and we have the training to support every step of the journey.
TryHackMe’s fully remote work culture also allowed us to bring together the best analysts and industry experts and incorporate experiences from a wide range of organisations. This unique blend ensured that the assessment we created truly reflects the realities of cyber roles, from landing your first job to excelling in it.
From proving fundamentals to demonstrating advanced, real-world skills — TryHackMe certifications are built to be trusted.
"The content engineers leading the project all have years of industry experience — they’ve applied to SOC roles, worked as analysts, and managed SOC teams. TryHackMe’s fully remote work culture allowed us to bring together the best analysts and industry experts and incorporate experiences from a wide range of organisations. This unique blend ensured that the assessment we created truly reflects the realities of an L1 role, from landing your first job to excelling in it."
Marta Strzelec, Head of Content Engineering
Making it Accessible and Affordable
We believe cyber security education should be rigorous — but also accessible. Unlike other certifications on the market, our certifications are priced to be affordable for learners around the world, without compromising on quality. Whether you're just starting out, switching careers, or levelling up into advanced offensive or defensive roles, we’ve built the training and certification paths to get you there.
We want to remove barriers for aspiring analysts, not create more of them. We have the training, the support, and now the certification to prove you have what it takes to succeed in a security operations environment role.
It’s your move — are you ready to stand out and get hired?
Carah Els