The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯

GIAC Certifications: A Comprehensive Guide for 2017

GIAC Lock chalkIncident Response and Forensics


Cyber criminals are often found to be operating undetected for months inside their victim’s network. Certified Incident Response and Forensics professionals prove they have the skills to identify what happened and who did it.


In all, the available credentials under Incident Response and Forensics are:


● GIAC Certified Forensic Analyst (GCFA)
● GIAC Certified Forensic Examiner (GCFE)
● GIAC Reverse Engineering Malware (GREM)
● GIAC Network Forensic Analyst (GNFA)
● GIAC Advanced Smartphone Forensics (GASF)


Management, Audit, Legal


As businesses continue to realize the importance of cybersecurity, security teams now have more responsibility than ever before. With this responsibility, leading information security professionals must now possess management and security skills. The following GIAC certifications build and prove this InfoSec management knowledge:


● GIAC Security Leadership (GSLC)
● GIAC Systems and Network Auditor (GSNA)
● GIAC Information Security Professional (GISP)
● GIAC Law of Data Security & Investigations (GLEG)
● GIAC Certified Project Manager (GCPM)




Designed for developers, these cybersecurity certifications cover secure coding principles and in-depth technical knowledge critical to developing secure applications. There are three Developer certifications:


● GIAC Secure Software Programmer-Java (GSSP-JAVA)
● GIAC Certified Web Application Defender (GWEB)
● GIAC Secure Software Programmer-.NET (GSSP-.NET)


Industrial Control Systems


Industrial Control Systems (ICS) — think automated machines found in factories and civic infrastructure — can be vulnerable to cyber criminals, especially given the rise of poorly secured and regulated IoT technology. Luckily, the GICSP certification proves a security professional’s ability to combine IT, cybersecurity and engineering best practices to secure an ICS.


● GIAC Global Industrial Cyber Security Professional (GICSP)
● GIAC Response and Industrial Defense (GRID)


GIAC Security Expert (GSE) Certification


The GIAC GSE is among the most prestigious certifications in IT security and singles out candidates who have mastered the wide variety of skills and knowledge required by top security professionals.


This certification is aimed at candidates who are committed to mastering every element of information security. Unsurprisingly, the prerequisites for this top-tier certification are lengthy and complex with dozens of potential options. More information on the GSE certification can be found here.




GIAC Gold is a second tier of certification that requires the completion of a technical paper covering one relevant area of information security. This advanced certification proves both a candidate’s knowledge in the subject area as well as their ability to effectively communicate this knowledge.


Pass any GIAC certification and you’ll get the option to apply for GIAC Gold. Applicants will work closely with a GIAC Gold advisor to define and complete a technical report. If the report is approved, candidates will receive GIAC Gold status and their report will be accepted into the SANS Reading Room.


Renewal information


To recertify a GIAC certification, professional must gain 36 Continuing Professional Education Credits (CPE) and pay a $399 renewal fee every four years. CPEs can be gained in a variety of ways, and the rules can be complex. For more information, take a look at this infographic from GIAC.


GIAC Security Expert (GSE) credentials can only be maintained by retaking the GSE exam. Doing so will renew all other certifications held.



Alex Bennett of Firebrand TrainingAlex Bennett is a technical writer for Firebrand Training. Working at the forefront of the IT training industry, Alex uses his insider knowledge to write regularly on IT security, networking and cloud technology.