CEH Certification: Ethical Hacking Skills & Career Growth 2026
Over 3.5 million cybersecurity positions sit unfilled globally, and organizations are done waiting for defenders who’ve never thought like an attacker. The CEH has been the credential that bridges that gap since 2003, and with CEH v13 weaving AI into every phase of ethical hacking, it’s more current than it’s ever been.
What Is CEH Certification?
The Certified Ethical Hacker (CEH) is a credential issued by EC-Council (International Council of E-Commerce Consultants) that has been validating offensive security knowledge since 2003. EC-Council reports over 400,000 professionals certified across all its programs globally, though a CEH-specific count isn’t published through official channels.
What sets CEH apart from most security certs is its structured lifecycle approach. The exam walks candidates through every phase of a penetration test, from reconnaissance through exploitation, persistence, and evasion. That’s intentional. Employers, particularly in government and compliance-heavy industries, want proof that candidates understand the full attack surface, not just isolated skills.
CEH v13, released September 23, 2024, is the program’s biggest curriculum shift yet. AI-driven hacking techniques and tools are now integrated across all five ethical hacking phases, a departure from every prior version where AI was essentially absent. That update alone makes older study materials worth scrutinizing before you rely on them.
Who Should Get CEH Certified?
Four profiles stand out as clear fits.
Security analysts moving into offensive work. If you’re in a SOC or blue-team role and want to formalize your offensive knowledge, CEH gives you a recognized credential and fills the gaps in attack methodology that defensive work doesn’t cover.
Penetration testers entering the field. CEH isn’t the most hands-on cert available, but it’s widely accepted as an entry credential for pen tester job postings, especially at larger organizations and federal contractors.
IT professionals targeting government and defense roles. CEH carries strong recognition in government and defense sectors, where employer-required cert lists often name it explicitly.
Career changers with IT backgrounds. Candidates who know networking and systems but lack security credentials can use CEH to make a credible pivot, especially if they take the official EC-Council training route that waives the experience requirement.
Who shouldn’t pursue it: experienced practitioners already working at an advanced hands-on level will find it too theoretical. And if your work is purely defensive (incident response, threat intelligence, security operations with no offensive component), a cert like GCIH or CySA+ is a better investment.
CEH Exam Domains and Weights
CEH v13 covers 20 domains weighted to mirror the real-world attack lifecycle. Reconnaissance and System Hacking together account for the largest share of the exam, making them the clear study priorities. The remaining domains span network attacks, web applications, malware, cloud, and cryptography, each weighted between 5% and 14%.
CEH Exam Cost, Format, and Pass Score
The CEH knowledge exam is 125 linear multiple-choice questions over four hours. Total investment ranges from roughly $950 (EC-Council direct) to $1,199 (Pearson VUE), plus an $80 annual maintenance fee. Retakes run $499. Passing score varies by exam form between 60% and 85%.
CEH Salary and Job Outlook 2026
CEH-certified professionals in the US report salaries ranging from approximately $85,000 to $150,000 annually, depending on role and experience. Demand is concentrated in government and defense, financial services, healthcare, and major technology firms. The global talent shortage of over 3.5 million unfilled cybersecurity positions continues to drive hiring.
CEH Requirements: Experience and Eligibility
EC-Council offers two official paths to eligibility.
The first path is completing an authorized EC-Council training course. This removes the experience requirement entirely and is the fastest route for candidates new to information security.
The second path is demonstrating at least two years of verifiable work experience in information security, accompanied by a non-refundable $100 USD eligibility application.
A few nuances worth knowing: candidates who don’t meet the two-year threshold but hold relevant academic credentials, including Ph.D. holders and active trainers in the field, can apply for a waiver, though the eligibility application is still required. There’s no shortcut around that form.
Timeline expectations depend heavily on your starting point. If you’re enrolling in official training, your eligibility is resolved at enrollment. If you’re applying through the experience route, budget two to four weeks for application processing before you can schedule the exam. After passing, you’ll need 120 EC-Council Continuing Education (ECE) credits over each three-year cycle, with $80 in annual membership fees to maintain the credential.
How to Study for CEH: Resources and Plan
Most candidates need approximately 120 study hours to prepare, spread across four to twelve weeks depending on intensity. The core decision is whether to use official EC-Council courseware (necessary if you’re waiving the experience requirement) or combine third-party study guides, practice exams, and free labs.
What Changed in the CEH v13 2024 Update
CEH v13 was released on September 23, 2024, and the headline change is AI, everywhere. Prior versions treated hacking methodology as a purely human skillset. V13 threads AI tools and techniques through all five ethical hacking phases, covering AI-assisted reconnaissance, vulnerability scanning, and command automation via tools like ShellGPT. The addition of OWASP Top 10 for AI is notable for anyone working in environments where AI systems are attack surfaces, not just defenders.
Beyond AI, v13 deepens cloud coverage (AWS, Azure, and GCP exploitation), adds modules on Zero-Trust Architecture, supply chain attacks, and MITRE ATT&CK framework integration, and modernizes malware content to include fileless malware and Ransomware as a Service (RaaS).
The practical impact for current candidates: study materials built for v11 or earlier are no longer sufficient. V12 materials cover most of the domain structure but miss the AI integration. If you're starting prep now, verify that your chosen resources explicitly cover v13 content before purchasing.
How AI Is Changing Ethical Hacking Careers
AI isn't replacing ethical hackers. It's changing what the job looks like. Reconnaissance that previously took days can now be partially automated. Vulnerability scanning is faster and covers more surface area. EC-Council's own language around CEH v13 points to potential efficiency gains of up to 40% in cyber defense tasks when AI tools are applied effectively.
The skills that AI doesn't replicate are the ones that matter most: contextual judgment about which vulnerabilities to prioritize, the ability to chain exploits across complex environments, and the communication skills to translate findings into business risk. Those remain human work.
What's becoming essential is comfort with AI tooling on both sides of the equation. Attackers are using AI to generate phishing content, automate scanning, and probe defenses at scale. Defenders and ethical hackers need fluency with the same tools to test against AI-assisted threats. CEH v13's integration is a direct response to that reality, and it's a reasonable predictor of where exam content goes from here.
Is CEH Worth It in 2026?
Yes, for candidates entering ethical hacking or formalizing their offensive security knowledge, particularly where employer recognition and government or compliance contexts matter. The top comparison is OSCP, which is significantly harder, entirely hands-on, and better suited to candidates ready to prove practical exploitation skills. CEH gets you in the door; OSCP proves you can perform once inside.
How to Get CEH Certified: Step by Step
- Confirm eligibility: choose official EC-Council training (waives experience) or document two years of infosec experience and submit a $100 application at ec-council.org.
- Select your study path: official courseware, third-party study guides, or a combination with free lab platforms like TryHackMe.
- Build hands-on fluency: complete labs before your exam date, especially in Reconnaissance and System Hacking domains.
- Schedule your exam: book through EC-Council direct ($950) or Pearson VUE ($1,199).
- Maintain the credential: pay the $80 annual ECE membership fee and earn 120 credits per three-year cycle to keep the certification active.
The CEH has outlasted plenty of credentials that promised more and delivered less. It's not the hardest cert in offensive security, but it's one of the most recognized, and in 2026, with AI now baked into every domain, it's more relevant to the actual threat landscape than it's been in years. Start at EC-Council's official CEH page and at the TechJacks certification hub for additional guidance.