Design your career pathway with specialized focus areas
GIAC certifications go beyond theory and test the practical application of critically needed security skills across industry focus areas.
Design your career pathway with specialized focus areas
GIAC certifications go beyond theory and test the practical application of critically needed security skills across industry focus areas.
Cybersecurity and IT Essentials, Cyber Defense
GIAC Security Essentials (GSEC)
The GIAC Security Essentials (GSEC) certification validates a practitioner's knowledge of information security beyond simple terminology and concepts.
Affiliated Training: SEC401: Security Essentials - Network, Endpoint, and Cloud
Cybersecurity and IT Essentials, Cyber Defense
GIAC Information Security Fundamentals (GISF)
The GIAC Information Security Fundamentals (GISF) certification validates a practitioner's knowledge of security's foundation, computer functions and networking, introductory level cryptography, and cybersecurity technologies.
Affiliated Training: SEC301: Introduction to Cyber Security
Cyber Defense
GIAC Certified Intrusion Analyst Certification (GCIA)
The GIAC Intrusion Analyst certification validates a practitioner’s knowledge of network and host monitoring, traffic analysis, and intrusion detection.
Affiliated Training: SEC503: Network Monitoring and Threat Detection In-Depth
Cyber Defense
GIAC Machine Learning Engineer (GMLE)
The GIAC Machine Learning Engineer (GMLE) certification validates a practitioner’s knowledge of practical data science, statistics, probability, and machine learning. GMLE certification holders have demonstrated that they are qualified to solve real-world cyber security problems using Machine Learning.
Affiliated Training: SEC595: Applied Data Science and AI/Machine Learning
Cyber Defense
GIAC Certified Detection Analyst (GCDA)
The GCDA certification proves an individual knows how to collect, analyze, and tactically use modern network and endpoint data sources to detect malicious or unauthorized activity.
Cyber Defense
GIAC Defensible Security Architect Certification (GDSA)
The GDSA certification proves that practitioners can design and implement an effective combination of network-centric and data-centric controls to balance prevention, detection, and response
Affiliated Training : Defensible Security Architecture and Engineering
Cyber Defense
GIAC Certified Windows Security Administrator (GCWN)
The GIAC Certified Windows System Administrator (GCWN) certification validates a practitioner's ability to secure Microsoft Windows clients and servers.
Cybersecurity Leadership, Cyber Defense
GIAC Information Security Professional Certification (GISP)
The GIAC Information Security Professional (GISP) certification validates a practitioner's knowledge of the 8 domains of cybersecurity knowledge as determined by ISC2 that form a critical part of CISSP® exam.
Affiliated Training :LDR414: SANS Training Program for CISSP® Certification
Cyber Defense
GIAC Continuous Monitoring Certification (GMON)
The GIAC Continuous Monitoring (GMON) certification validates a practitioner's ability to deter intrusions and quickly detect anomalous activity.
Affiliated Training :SEC511: Cybersecurity Engineering: Advanced Threat Detection
Offensive Operations, Pen Testing, and Red Teaming
GIAC Experienced Incident Handler (GX-IH)
The GIAC Experienced Incident Handler Certification (GX-IH) further demonstrates a candidate’s superior incident response skills.
Cyber Defense
GIAC Experienced Cyber Security (GX-CS)
The GIAC Experienced Cybersecurity Specialist Certification (GX-CS) further demonstrates that a candidate is qualified for hands-on IT systems roles.
Cybersecurity and IT Essentials, Cyber Defense
GIAC Certified Enterprise Defender (GCED)
The GCED builds on the security skills measured by the GIAC Security Essentials certification. It assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole.
Affiliated Training :SEC501: Advanced Security Essentials - Enterprise Defender
Cyber Defense
GIAC Security Operations Certified (GSOC)
The GSOC certification validates a practitioner’s ability to defend an enterprise using essential blue team incident response tools and techniques.
Affiliated Training :SEC450: Blue Team Fundamentals: Security Operations and Analysis
Cyber Defense
GIAC Open Source Intelligence Certification (GOSI)
The GOSI certification confirms that practitioners have a strong foundation in OSINT methodologies and are well-versed in data collection, analysis, and reporting
Affiliated Training :SEC497: Practical Open-Source Intelligence (OSINT)
Offensive Operations, Pen Testing, and Red Teaming
GIAC Red Team Professional (GRTP)
The GIAC Red Team Professional (GRTP) certification validates an individual’s ability to conduct end-to-end Red Team engagements. GRTP certification holders have demonstrated knowledge of building an adversary emulation plan, establishing a C2 infrastructure, and emulating adversary tactics, techniques, and procedures (TTPs) to assist in improving overall security.
Affiliated Training :SEC565: Red Team Operations and Adversary Emulation
Offensive Operations, Pen Testing, and Red Teaming
GIAC Enterprise Vulnerability Assessor Certification (GEVA)
GIAC Enterprise Vulnerability Assessor is the premier certification focused on validating technical vulnerability assessment skills and time-tested practical approaches to ensure security across the enterprise.
Offensive Operations, Pen Testing, and Red Teaming
GIAC Penetration Tester Certification (GPEN)
The GIAC Penetration Tester certification validates a practitioner's ability to properly conduct a penetration test, using best practice techniques and methodologies.
Affiliated Training :SEC560: Enterprise Penetration Testing
Offensive Operations, Pen Testing, and Red Teaming, Cyber Defense
GIAC Foundational Cybersecurity Technologies (GFACT)
The GFACT certification validates a practitioner's knowledge of essential foundational cybersecurity concepts.
Affiliated Training :SEC275: Foundations: Computers, Technology, & Security
Offensive Operations, Pen Testing, and Red Teaming, Cyber Defense
GIAC Defending Advanced Threats (GDAT)
The GDAT certification is unique in how it covers both offensive and defensive security topics in-depth.
Affiliated Training :SEC599: Defeating Advanced Adversaries
Offensive Operations, Pen Testing, and Red Teaming
GIAC Experienced Penetration Tester (GX-PT)
The GIAC Experienced Penetration Tester (GX-PT) Certification demonstrates that a candidate has seasoned, hands-on red team and purple team skills.
Cyber Defense
GIAC Experienced Intrusion Analyst (GX-IA)
The GIAC Experienced Intrusion Analyst Certification (GX-IA) further demonstrates that a candidate is qualified to solve complex and unique challenges that Intrusion Analysts encounter.
Offensive Operations, Pen Testing, and Red Teaming
GIAC Python Coder (GPYC)
The GIAC Python Coder (GPYC) certification validates a practitioner’s understanding of core programming concepts, and the ability to write and analyze working code using the Python programming language.
Affiliated Training :SEC573: Automating Information Security with Python
Offensive Operations, Pen Testing, and Red Teaming
GIAC Mobile Device Security Analyst (GMOB)
The GIAC Mobile Device Security Analyst (GMOB) certification ensures that people charged with protecting systems and networks know how to properly secure mobile devices that are accessing vital information.
Affiliated Training :SEC575: iOS and Android Application Security Analysis
Offensive Operations, Pen Testing, and Red Teaming
GIAC Web Application Penetration Tester (GWAPT)
The GIAC Web Application Penetration Tester (GWAPT) certification validates a practitioner’s ability to better secure organizations through penetration testing and a thorough understanding of web application security issues.
Affiliated Training :SEC542: Web App Penetration Testing and Ethical Hacking
Offensive Operations, Pen Testing, and Red Teaming
GIAC Assessing and Auditing Wireless Networks (GAWN)
The GAWN certification is designed for technologists who need to assess the security of wireless networks.
Affiliated Training :SEC617: Wireless Penetration Testing and Ethical Hacking
Offensive Operations, Pen Testing, and Red Teaming, Cloud Security
GIAC Cloud Penetration Tester (GCPN)
The GCPN certification validates a practitioner's ability to conduct cloud-focused penetration testing and assess the security of systems, networks, architecture, and cloud technologies.
Affiliated Training :SEC588: Cloud Penetration Testing
Offensive Operations, Pen Testing, and Red Teaming
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
The GIAC Exploit Researcher and Advanced Penetration Tester certification validates a practitioner's ability to find and mitigate significant security flaws in systems and networks.
Affiliated Training :SEC660: Advanced Penetration Testing
Digital Forensics, Incident Response & Threat Hunting
GIAC iOS and macOS Examiner (GIME)
The GIAC iOS and macOS Examiner is a cybersecurity certification that validates a practitioner’s knowledge of computer forensic analysis and incident response skills.
Affiliated Training :FOR518: Mac and iOS Forensic Analysis
Digital Forensics, Incident Response & Threat Hunting
GIAC Enterprise Incident Response (GEIR)
The GEIR (GIAC Enterprise Incident Response) certification is the gold standard for validating expertise in incident response management and advanced cyber threat analysis.
Affiliated Training :FOR608: Enterprise-Class Incident Response
Digital Forensics, Incident Response & Threat Hunting
GIAC Cyber Threat Intelligence (GCTI)
The GCTI certification proves practitioners have mastered strategic, operational, and tactical cyber threat intelligence fundamentals and application
Affiliated Training :FOR578: Cyber Threat Intelligence
Digital Forensics, Incident Response & Threat Hunting
GIAC Certified Forensic Examiner (GCFE)
The GIAC Certified Forensic Examiner (GCFE) certification validates a practitioner’s knowledge of computer forensic analysis, with an emphasis on core skills required to collect and analyze data from Windows computer systems.
Affiliated Training :FOR500 : Windows Forensic Analysis
Offensive Operations, Pen Testing, and Red Teaming, Cybersecurity and IT Essentials, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense
GIAC Certified Incident Handler Certification (GCIH)
The GIAC Incident Handler certification validates a practitioner’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills.
Affiliated Training :SEC504 : Hacker Tools, Techniques, and Incident Handling
Digital Forensics, Incident Response & Threat Hunting
GIAC Certified Forensic Analyst (GCFA)
The GCFA certification focuses on core skills required to collect and analyze data from Windows and Linux computer systems.
Affiliated Training :SEC504 : Hacker Tools, Techniques, and Incident Handling
Digital Forensics, Incident Response & Threat Hunting
GIAC Experienced Forensics Analyst (GX-FA)
The GIAC Experienced Forensics Analyst (GX-FA) Certification further demonstrates that a candidate is qualified for hands-on digital forensic and threat hunting roles.
Digital Forensics, Incident Response & Threat Hunting, Operating System & Device In-Depth
GIAC Advanced Smartphone Forensics Certification (GASF)
The popularity of mobile devices in our work and personal lives has become increasingly broad and complex.
Affiliated Training :FOR585 : Smartphone Forensic Analysis In-Depth
Digital Forensics, Incident Response & Threat Hunting, Operating System & Device In-Depth
GIAC Battlefield Forensics and Acquisition (GBFA)
The GBFA certification demonstrates that an individual is trained and qualified in the proper collection, acquisition, and rapid triage analysis of many forms of data storage.
Affiliated Training :FOR498 : Digital Acquisition and Rapid Triage
Digital Forensics, Incident Response & Threat Hunting, Cloud Security
GIAC Cloud Forensics Responder (GCFR)
GIAC Cloud Forensics Responder is a cybersecurity certification that validates a practitioner’s ability to track incidents and collect and interpret logs across Amazon, Google, and Microsoft cloud providers.
Affiliated Training :FOR509 : Enterprise Cloud Forensics and Incident Response
Digital Forensics, Incident Response & Threat Hunting
GIAC Network Forensic Analyst (GNFA)
The GIAC Network Forensic Analyst (GNFA) certification validates a practitioner's ability to perform examinations employing network forensic artifact analysis.
Affiliated Training :FOR572 : Advanced Network Forensics
Digital Forensics, Incident Response & Threat Hunting
GIAC Reverse Engineering Malware Certification (GREM)
The GIAC Reverse Engineering Malware (GREM) certification is designed for technologists who protect the organization from malicious code.
Affiliated Training :FOR610 : Reverse-Engineering Malware
Industrial Control Systems Security
Global Industrial Cyber Security Professional Certification (GICSP)
The GICSP bridges together IT, engineering and cyber security to achieve security for industrial control systems from design through retirement.
Affiliated Training :ICS410 : ICS/SCADA Security Essentials
Industrial Control Systems Security
GIAC Critical Infrastructure Protection Certification (GCIP)
The GCIP certification validates that professionals who access, support and maintain the critical systems have an understanding of the regulatory requirements of NERC CIP as well as practical implementation strategies.
Affiliated Training :ICS456 : Essentials for NERC Critical Infrastructure Protection
Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting
GIAC Response and Industrial Defense (GRID)
The GRID certification is for professionals who want to demonstrate that they can perform Active Defense strategies specific to and appropriate for an Industrial Control System (ICS) network and systems.
Affiliated Training :ICS515 : ICS Visibility, Detection, and Response
Cloud Security
GIAC Cloud Security Essentials Certification (GCLD)
The GCLD certification validates a practitioner's ability to implement preventive, detective, and reactionary techniques to defend valuable cloud-based workloads.
Affiliated Training :SEC488 : Cloud Security Essentials
Cloud Security
GIAC Cloud Security Automation (GCSA)
The GCSA certification covers cloud services and modern DevSecOps practices that are used to build and deploy systems and applications more securely.
Affiliated Training :SEC540 : Cloud Security and DevSecOps Automation
Cloud Security
GIAC Certified Web Application Defender (GWEB)
The GIAC Web Application Defender certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common web application errors that lead to most security problems.
Affiliated Training :SEC522 : Application Security
Cloud Security
GIAC Cloud Threat Detection (GCTD)
The GCTD certification validates a practitioner's ability to detect and investigate suspicious activity in cloud infrastructure.
Affiliated Training :SEC541 : Cloud Security Threat Detection
Cloud Security
GIAC Public Cloud Security (GPCS)
The GPCS certification validates a practitioner's ability to secure the cloud in both public cloud and multi cloud environments.
Affiliated Training :SEC510 : Cloud Security Controls and Mitigations
Cybersecurity Leadership
GIAC Security Leadership (GSLC)
The GIAC Security Leadership (GSLC) certification validates a practitioner’s understanding of governance and technical controls focused on protecting, detecting, and responding to security issues.
Affiliated Training :LDR512 : Security Leadership Essentials for Managers
Cybersecurity Leadership
GIAC Law of Data Security & Investigations (GLEG)
The GIAC Law of Data Security & Investigations (GLEG) certification validates a practitioner's knowledge of the law regarding electronically stored and transmitted records.
Cybersecurity Leadership
GIAC Strategic Planning, Policy, and Leadership (GSTRT)
The GIAC Strategic Planning, Policy, and Leadership (GSTRT) certification validates a practitioner’s understanding of developing and maintaining cyber security programs as well as proven business analysis, strategic planning, and management tools.
Affiliated Training :LDR514 : Security Strategic Planning, Policy, and Leadership
Cybersecurity Leadership
GIAC Certified Project Manager (GCPM)
The GIAC Certified Project Manager (GCPM) certification validates a practitioner's knowledge of technical project management methodology and implementation.
Affiliated Training :LDR525 : Managing Cybersecurity Initiatives & Effective Communication
Cybersecurity Leadership
GIAC Critical Controls Certification (GCCC)
The GIAC Critical Controls Certification (GCCC) is the only certification based on the CIS Controls, a prioritized, risk-based approach to security.
Affiliated Training :SEC566 : Implementing and Auditing CIS Controls
Cybersecurity Leadership, Cyber Defense
GIAC Security Operations Manager Certification (GSOM)
The GSOM certification validates a professional’s ability to run an effective security operations center.
Affiliated Training :LDR551 : Building and Leading Security Operations Centers
Cybersecurity Leadership
GIAC Systems and Network Auditor Certification (GSNA)
The GIAC Systems and Network Auditor (GSNA) certification validates a practitioner’s ability to apply basic risk analysis techniques and to conduct technical audits of essential information systems.
