Become a Certified IoT Penetration Tester

The Attify Certified IoT Security Pentester (ACIP) is a certification designed to assess your skill sets in Internet of Things security and penetration testing. 

This certification proves that you have a deep understanding of the Internet of Things ecosystem and it's underlying security issues. 

The Certified IoT Security Pentester certification has been built by the same team who has taught Offensive IoT Exploitation in over 13 countries and has pentested hundreds of devices in the past 5 years. The certification exam takes real practical scenarios and present it to them. 

It is an online examination consisting of 150 Multiple Choice Questions (and some subjective and diagram-based) from all different aspects of Internet of Things - Firmware, Embedded Devices, Binary Security, Web, Mobile, Software Defined Radio, Bluetooth Low Energy and ZigBee and can be taken based on your convenient time slot

The examination requires prior preparation as the examination includes questions which tests your knowledge of practical application of IoT security concepts.

After you complete the examination, the answers will be evaluated by our team and you will receive the final result within 7 days. 

To pass the examination, you will need to score 65% or above of the total marks post which receive a digital certificate, a badge which you could post on your LinkedIn or other social network to share your achievement and a physical certificate shipped to your address.

What does ACIP cover?

  • Internet of Things foundational concepts - architecture, technologies and threat modeling

  • Firmware analysis and Exploitation

  • Binary reversing and vulnerabilities in ARM and MIPS binaries 

  • Embedded Device analysis including analysing PCB components, hardware communication protocols, internals about communication protocols and security protections 

  • Conventional attack techniques such as Web, Mobile and Network based vulnerability exploitation

  • Software Defined Radio

  • Bluetooth Low Energy and ZigBee exploitation

Who is this certification for? 

If you are a job seeker looking to make a career in Internet of Things Security and Penetration Testing, the certificate will help you gain a competitive edge when it comes to the job selection process. 

If you are already working as a Penetration Tester, Red Teamer or a Security Engineer, you could use the certificate will help show your organisation that you actually know about the ins-and-outs of IoT Pentesting

If you are an IoT Security Researcher or IoT Penetration Tester or an organisation doing IoT pentesting, you could take the certification exam to prove your skillsets and gain more and better clients and pentesting engagements. 

If you are developer or a blue team member, this certification would allow you to learn about the red team perspective when it comes to Internet of Things Exploitation.

Don't take this certification, if...

This certification is not the right one for you if you meet any of the two criterias below: 

  • C-level execs interested in a certification to know about high-level perspective on IoT Security 

  • Individuals wanting to test their theoretical skillset to gain a quick IoT Security certification

Examination and Certification Specifics

Total number of Questions: 150 

Total time duration: 120 minutes

Type of questions: MCQ, Subjective and Visual analysis 

Passing percentage: 65%

Note that the score for the questions vary based on the difficulty level. Parts of the assessment are validated by our Subject Matter experts before giving the final score to the examinee.

Hardware/Software set up required to take the examination: 


System with internet connectivity

Working webcam 


Web Browser (Google Chrome is recommended)

Administrative access on the system to install the examination software 

Additionally, a valid government ID proof will be required for the examination to begin. 

  • The Process

Register a Time Slot

Choose your certification package below. 

Our team will then send you an email within the next 24 hours containing the examination details and to finalize the date and time for your examination. 


Once you have a time slot selected for the examination, prepare well for the examination. Brush up on both foundational concepts as well as advanced exploitation techniques to perform well in the examination. 


On the day of the examination, make sure you start the examination on time.  

Ensure that you have a stable internet connection and a web camera during the examination. 


Congrats, you are now a Certified IoT Penetration Tester. 


The certification exam costs USD 449 and the validity for the certificate is 5 years. 

The certification exam can also be bundled with IoT Exploitation Learning kit or the Offensive IoT Exploitation training or both. 

The re-attempt cost for the examination is $129 and can only be taken 30 days after the first attempt. 

Choose the option which suits you the best. 

Liquid error (templates/page.gem-42950426693-template line 15): product form must be given a product
Liquid error (templates/page.gem-42950426693-template line 15): product form must be given a product
Liquid error (templates/page.gem-42950426693-template line 15): product form must be given a product


How much time should I ideally devote to preparing for the examination?

It depends on what is your current experience level with IoT Security. If you are taking the certification along with the Offensive IoT Exploitation training, we would recommend you to complete the Offensive IoT Exploitation training class, spend 3-4 days for preparation and then take the examination. 

If you are taking just the certification exam without the Offensive IoT Exploitation training, in that case, we would recommend for at least a week for preparation (if no prior background of IoT Security) or 2-3 days, if you have prior background in IoT Penetration testing.

What if I want to reschedule the examination after selecting a time slot?

In case you would like to reschedule the examination, please use our contact form to reach out to us for the same. Please note that examinations can only be rescheduled if it hasn't been started. 

How do I send the certificate to my employer for verification?

Once you obtain the certification, you will receive a URL for certificate verification. Share the URL along with your unique ID to the employer or any party who would like to verify the certification status.

When will I receive the printed certificate?

Once you successfully pass the examination, your printed certificate will be shipped to you within 2-3 business days. Depending on which part of the world you want your certificate to be shipped to, it might take anywhere from 2-15 business days to arrive. The certificate is shipped from California (USA).

Will I need to set up a VPN or log in to a Lab environment to take the examination?

No, you would not require a VPN or any complex environment setup to take the certificate examination. All you would require is a web browser, a webcam and a stable internet connection.