Meet DoD 8570/8140 certification requirements

Train live online, in-person or on-demand — and get certified, guaranteed. Meet DoD 8570/8140 requirements and achieve mission success while staying under your $25,000 Government Purchase Card limit.

Request a team training quote

Comply with DoD 8570/8140

Certify your Information Assurance (IA) workforce with baseline certification requirements detailed in the Department of Defense’s 8570.01-M. With a boot camp for nearly every DoD approved IA baseline certification, we’ll prepare your team to pass their certification exams on the first attempt — guaranteed.

Prepare for a CMMC assessment

Are you a Department of Defense supplier? Prepare for your upcoming Cybersecurity Maturity Model Certification (CMMC) assessment with Infosec’s awareness and training solutions. From CMMC Certified Professional certification boot camps to meeting all training requirements detailed in NIST SP 800-171 and 800-53, we have you covered.

Train how, when and where your team learns best

Live online

Live online

Get days of live-streamed instruction from the industry’s best cybersecurity instructors in the comfort of your home office. We guarantee your team will get certified on their first attempt — or the next exam is on us.

In person

In person

We’ll bring expert cybersecurity instruction to your office, or host a boot camp at a nearby, private location. You pick the time, location and curriculum that works best for your team.

On demand

On demand

Train on your team’s schedule with unlimited access to 100s of cybersecurity certification and skill development courses, plus cloud-hosted cyber ranges featuring 100s of hands-on labs.

Get peace of mind with training guarantees

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Here’s how our boot camp guarantees help you maximize your employee training budget and meet your business objectives:

  • Exam Pass Guarantee: If your employee doesn’t pass their exam on the first attempt, they get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.
  • 100% Satisfaction Guarantee: If your employee is not 100% satisfied with their boot camp at the end of the first day, they may withdraw and enroll in a different online or in-person course.
  • Knowledge Transfer Guarantee: If an employee leaves within three months of obtaining certification, we will train a different employee at the same organization tuition-free for up to one year.

Flexible purchasing options

Your team’s training needs don’t start and stop with federal budget cycles. Infosec’s flexible payment options allow you to purchase group training now and train when it works with your schedules. Infosec accepts all forms of approved training requests and procurement systems. We are currently an approved vendor for the following programs:

  • Army IgnitED
  • Veteran Readiness & Employment

Award-winning training you can trust

IDC MarketScape Leader: U.S. IT Training

IDC MarketScape Leader: U.S. IT Training

Infosec Skills

eLearning Content

eLearning Content

Infosec Skills

Best Product - Cybersecurity Training for Infosec Professionals

Best Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Security Education & Platform

Security Education & Platform

Infosec Skills

Ranked #52 in Top 100 Global Software Sellers

Ranked #52 in Top 100 Global Software Sellers


Certification boot camps for every position category, specialty and level

Position category, specialty and level

Certification boot camp

IAT Level I

IAT Level II


IAM Level I

IAM Level II




CSSP Infrastructure Support

CSSP Incident Responder

CSSP Auditor

CSSP Manager

Training mapped to NICE Workforce Framework for Cybersecurity

Infosec Skills connects employee job descriptions to an established workforce development framework. Your organization can take a bottoms-up approach to any training initiative by mapping development plans to specific NICE Knowledge and Skill Statements, Work Roles or even the Competencies deemed most critical to employee success.

Frequently asked questions

  • What is the difference between DoDD 8140 and 8570?
    • Department of Defense Directive 8570 was published in 2005 to provide guidance around the training, certification and management of DoD personnel and contractors. It was replaced in 2015 by DoDD 8140, which expanded upon 8570 to include the NICE Cybersecurity Workforce Framework and provide a greater emphasis on hands-on training. However, there is no manual yet written for the practical implementation of 8140, so the 8570.01-M manual continues to be used.

  • What are the five levels of security clearance for DoD?
    • The DoD has five categories for Information Assurance workers:

      – Information Assurance Technician (IAT)
      – Information Assurance Manager (IAM)
      – Information Assurance System Architecture & Engineering (IASAE)
      – Cybersecurity Service Providers (CSSP)
      – Computing Environment (CE)

      The IAT, IAM and IASE categories include three progressive levels, with Level 1 covering the computing environment, Level 2 covering the network environment and Level 3 covering the enclave environment as well as advanced network and computing environments. The CSSP category is further broken down into five specializations: Analyst, Infrastructure Support, Incident Responder, Auditor and Manager. DoD 8570.01-M also requires a CE certification based on the operating system and related security tools and devices being used.

  • What are the DoD 8570 IAT certifications?
    • To meet DoD 8570.01-M Information Assurance Technician (IAT) requirements, you must earn one of the following certifications:

      – IAT I: A+, Network+, SSCP
      – IAT II: Security+, CySA+, CCNA Security, GICSP, GSEC, SSCP
      – IAT III: CASP+, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH

  • What are the DoD 8570 IAM certifications?
    • To meet DoD 8570.01-M Information Assurance Manager (IAM) requirements, you must earn one of the following certifications:

      – IAM I: Security+, CAP, GSLC
      – IAM II: CASP+, CAP, CISM, CISSP (or Associate), GSLC
      – IAM III: CISM, CISSP (or Associate), GSLC

  • What are the DoD 8570 IASAE certifications?
    • To meet DoD 8570.01-M Information Assurance System Architecture & Engineering (IASAE) requirements, you must earn one of the following certifications:

      – IASAE I: CASP+, CISSP (or Associate), CSSLP
      – IASAE II: CASP+, CISSP (or Associate), CSSLP

  • What are the DoD CSSP certifications?
    • To meet DoD Cybersecurity Service Providers (CSSP) requirements, you must earn one of the following certifications:

      – CSSP Infrastructure Support: CySA+, CEH, GICSP, SSCP
      – CSSP Incident Responder: CySA+, CEH, CFR, GCFA, GCIH, SCYBER
      – CSSP Auditor: CySA+, CEH, CISA, GSNA
      – CSSP Manager: CISM, CISSP-ISSMP

  • What are the DoD CE certifications?
    • According to 8570-01-M, “In addition to the IA baseline certification requirement for their level, IATs with privileged access must obtain appropriate Computing Environment (CE) certifications for the operating system(s) and/or security related tools/devices they support as required by their employing organization. If supporting multiple tools and devices, an IAT should obtain CE certifications for all the tools and devices they are supporting. At a minimum the IAT should obtain a certification for the tool or device he or she spends the most time supporting. For example, if an IAT is spending most of his or her time supporting security functions on a CISCO router, the IAT should obtain a CE certification for that equipment.”

  • Does Infosec work with VetsInTech?
    • Yes, we partner with VetsInTech to help train and support our transitioning military, veterans and spouses. The program includes three weeks of intense training focused on building the skills required to earn the A+, Network+ and Security+ certifications. Check out our industry alliances page to learn more.

  • What is the NICE Workforce Framework for Cybersecurity?
    • The NICE Workforce Framework for Cybersecurity (NIST Special Publication 800-181) is used to help categorize cybersecurity work and job duties across the public, private and academic sectors. Infosec’s cyber training library is mapped to over 620 Knowledge and Skill Statements and all 52 Work Roles to support any implementation of the NICE Framework: standard Work Roles directly from the NICE Framework, Competency-based Work Roles, Task-based Work Roles or custom Work Roles.