How much does CEH certification cost?

CEH (Certified Ethical Hacker) exam costs $1,199 through EC-Council directly, or $950 if taken at an Authorized Testing Center. The official EC-Council courseware adds $850–$1,000 if you need the classroom training. Self-study materials run $100–$300. Most candidates spend $1,300–$1,500 total. Employer reimbursement is common at defense contractors and government agencies.

How much salary increase does CEH give?

CEH holders average $103,000–$120,000 compared to $78,000–$95,000 for uncertified penetration testers and security analysts. The increase of $20,000–$30,000 depends heavily on industry: government and defense contractors pay a premium because CEH satisfies DoD 8570 IA Technical Level II requirements. Private sector penetration testing roles vary more.

What is the CEH payback period?

CEH payback runs 6–8 months for most candidates, longer than cloud certs because the upfront cost is higher ($1,199–$1,500 total). At a $25,000 salary increase and $1,400 total cost, monthly benefit is $2,083, giving a payback of under 8 months. For candidates targeting government contractor roles where CEH is a hiring requirement, employers frequently reimburse the full cost — making payback immediate.

Is CEH worth it compared to OSCP or Security+?

Depends on your target. CEH is better for government and compliance-driven roles — it satisfies DoD 8570 requirements that OSCP does not. OSCP is more respected for private-sector penetration testing at technical hiring managers. CompTIA Security+ is cheaper ($404) and easier to earn but carries less weight for senior roles. If your target employer lists CEH as required, it's the right choice. If you're targeting boutique pen-test firms, OSCP often outranks CEH.

How long does it take to prepare for CEH?

Most candidates with 2+ years of security experience prepare in 6–10 weeks studying 1–2 hours daily. EC-Council's official course is 5 days of instructor-led training. For self-study, Matt Walker's CEH Certified Ethical Hacker All-in-One Exam Guide is the most recommended resource. The exam is 125 questions over 4 hours, weighted toward knowledge of attack types and tools rather than hands-on skills.

CEH Certification Cost & ROI

At $1,199 the exam is one of the priciest in IT security — but CEH satisfies DoD 8570 requirements that cloud certs don't. Here's the full cost and salary breakdown.

CEH Certification Costs and Salary Impact

Item	Cost / Amount
Exam fee (EC-Council direct)	$1,199
Exam fee (Authorized Testing Center)	$950
Study materials (self-study)	$100–$300
Official EC-Council courseware	$850–$1,000
Annual maintenance (ECE credits)	$80/yr
Average salary without CEH	$78,000–$95,000
Average salary with CEH	$103,000–$120,000
Typical salary increase	+$25,000/yr
Payback period (self-study path)	~6–8 months

Salary data: BLS OEWS, EC-Council Salary Report, Global Knowledge IT Skills Report 2025. Exam fees: EC-Council pricing as of 2026.

Who CEH Is Actually For

Government and defense contractor roles

CEH satisfies DoD Directive 8570/8140 IA Technical Level II requirements. If your target employer is a defense prime (Booz Allen, SAIC, Leidos, CACI) or a federal agency, CEH is often listed as a minimum requirement. In this context, the employer typically reimburses the full cost.

Security analysts moving into offensive roles

CEH is a knowledge-based credential that covers attack methodologies, tools, and countermeasures across 20 domains. It's an effective bridge for security analysts who understand defense and want to move into penetration testing or vulnerability assessment without the hands-on rigor of OSCP.

Skip CEH if you're targeting private pen-test firms

Technical hiring managers at boutique offensive security firms often prefer OSCP or PNPT over CEH. OSCP requires passing a live 24-hour hands-on exam — it demonstrates skill in a way CEH's multiple-choice format doesn't. If you're not constrained by DoD 8570 compliance requirements, OSCP has better ROI for private-sector pen-test roles.

CEH vs. Other Security Certifications: The Full Picture

CEH's high exam cost ($1,199) is its primary disadvantage versus Security+ ($404) and OSCP ($1,499 for the course plus lab access). For government contractor work, it's close to mandatory — but for all other contexts, CompTIA Security+ covers most of the same conceptual territory at one-third the cost and faster payback.

The real differentiator is regulatory compliance. DoD 8570.01-M (updated as 8140) categorizes CEH under IA Technical Level II and III. Security+ covers Level I. CISSP covers Level III management. If a job posting requires Level II compliance, CEH is one of the fastest paths to meeting that requirement — alternatives include GPEN (GIAC Penetration Tester) at $949 and GWAPT at similar cost.

EC-Council offers CEH Practical as a separate lab-based exam ($550) that tests hands-on skills. Combining CEH with CEH Practical signals technical depth beyond the knowledge exam alone. For candidates who pass both, the combined credential is more competitive with OSCP than either exam alone.

Renewal Requirements

CEH requires 120 EC-Council Continuing Education (ECE) credits over 3 years plus an $80/year membership fee. ECE credits can be earned through training, research, community involvement, and other activities. The ongoing cost is modest compared to ISC2's AMF for CISSP holders ($135/year).

Your CEH Payback Calculator

Current Annual Salary

Study Path

Common Questions

Does CEH satisfy DoD 8570 requirements?

Yes. CEH is approved under DoD 8570.01-M / DoD 8140 for IA Technical Level II (IASAE) positions. This makes it a hiring requirement at many defense contractors and federal agencies. Security+ covers Level I. CISSP and CASP+ cover higher levels depending on the position category.

What experience do you need before CEH?

EC-Council recommends 2 years of security experience before attempting CEH. Without official training, candidates must verify their experience or be sponsored by an EC-Council Authorized Training Center. Most successful self-study candidates have a Security+ or equivalent background before tackling CEH material.

CEH vs OSCP — which has better ROI?

CEH has better ROI for compliance-driven government and contractor roles. OSCP has better ROI for private-sector offensive security positions. OSCP requires $1,499 for course + labs and a 24-hour hands-on exam — it's harder but more respected by technical practitioners. If you're applying to DoD-adjacent roles, CEH first. If you're going to boutique red teams, OSCP first.

How often does the CEH exam change?

EC-Council updates CEH content approximately every 2 years. The current version is CEH v13. EC-Council typically grandfathers existing holders under new versions as long as they maintain ECE credits and annual membership. Study materials should be version-matched — older prep books may not cover new domains.

ROI Calculator CISSP ROI Security+ ROI CISM ROI Best ROI Rankings Top Certifications

Data: BLS OEWS, EC-Council, Global Knowledge IT Skills Report 2025. Updated March 2026.

Data: BLS Occupational Employment and Wage Statistics (OEWS), Official Certification Body Fee Schedules, O*NET Occupation Data

Last updated: January 2025

How we calculate this · Payback calculations assume you qualify for and secure a role that values the certification. Outcomes vary by employer, region, and experience level.