GIAC Certifications: A Comprehensive Guide for 2017

GIAC pros discussing security

Founded in 1999 by the SANS Institute, the GIAC (Global Information Assurance Certification) program offers more than 30 individual credentials for information security specialists. Since its founding, GIAC has issued more than 95,000 certifications.


To help certification candidates build the skills needed to tackle the sophisticated and technical nature of cybercrime, GIAC's certifications focus on highly specific cybersecurity knowledge areas — each credential is aligned to a distinct job role.


Why achieve a GIAC certification?


GIAC certifications are a great indication of cybersecurity skill and knowledge. These credentials are designed to fill gaps in cybersecurity skills, and few other certs cover the same highly specialized material in this depth.


These certifications are well-recognised within the information security industry and align to ANSI and ISO 17024 — national and global standards designed to validate the quality of organizations that offer certification.


SANS Institute, the organization that owns and operates GIAC, is a major provider of cybersecurity training for the United States Armed Forces. Because of this relationship, a number of GIAC certifications are DoD 8140-compliant. To explain: The DoD 8140 directive requires all U.S. Department of Defense personnel and contractors to be certified in their area of work. Compliance is a must for contractors employed by U.S. government organizations.


Your guide to GIAC's certification portfolio


The GIAC program prides itself on providing specialized, practical certifications that align to popular cybersecurity job roles.


Relying on purely theoretical knowledge is the ultimate security risk, according to GIAC. Instead, technical, real-world knowledge and skills are the best way to secure businesses.


Most GIAC certifications align to training provided by SANS, but training is also available from other providers.


It's worth noting that, while no training is officially required to achieve a GIAC certification, training remains highly recommended.


GIAC administers certifications across seven information security domains:


? Cyber Defense
? Penetration Testing
? Incident Response and Forensics
? Management, Audit, Legal
? Developer
? Industrial Control Systems
? GIAC Security Expert (GSE)


With dozens of certifications across these domains, it can be easy to get lost within GIAC's huge certification library. Let's take a look at each of the domains and the certifications available within them.


Cyber Defense


GIAC Cyber Defense certifications ensure that professionals have the know-how to defend against modern cybersecurity threats.


The GIAC Security Essentials (GSEC) credential is one of the most popular certifications within this domain because it's ideal for entry-level security professionals, operations personnel, and managers. GIAC Certified Intrusion Analyst (GCIA) is also highly recommended for professionals responsible for network monitoring and intrusion detection.


In all, the available credentials under Cyber Defense are:


? GIAC Security Essentials (GSEC)
? GIAC Certified Intrusion Analyst (GCIA)
? GIAC Information Security Fundamentals (GISF)
? GIAC Certified Enterprise Defender (GCED)
? GIAC Certified Windows Security Administrator (GCWN)
? GIAC Certified Perimeter Protection Analyst (GPPA)
? GIAC Continuous Monitoring Certification (GMON)
? GIAC Certified UNIX Security Administrator (GCUX)
? GIAC Critical Controls Certification (GCCC)


Penetration Testing


While the Cyber Defense domain focuses on protecting organisations, the Penetration Testing domain specialises in offensive hacking techniques and includes specialist certifications to build this knowledge.


This domain also includes Incident Handling: expert skills required to manage security incidents in progress. The GIAC Certified Incident Handler (GCIH) certification provides the knowledge needed to detect, respond to, and resolve cyberattacks. Given the global rise in hacks, it's not surprising this certification is so popular. For more information, here's a comparison of CISSP, CEH and GCIH.


In all, the available credentials under Penetration Testing are:


? GIAC Certified Incident Handler (GCIH)
? GIAC Penetration Tester (GPEN)
? GIAC Web Application Penetration Tester (GWAPT)
? GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
? GIAC Assessing and Auditing Wireless Networks (GAWN)
? GIAC Mobile Device Security Analyst (GMOB)
? GIAC Python Coder (GPYC)


GIAC Lock chalk

Incident Response and Forensics


Cyber criminals are often found to be operating undetected for months inside their victim's network. Certified Incident Response and Forensics professionals prove they have the skills to identify what happened and who did it.


In all, the available credentials under Incident Response and Forensics are:


? GIAC Certified Forensic Analyst (GCFA)
? GIAC Certified Forensic Examiner (GCFE)
? GIAC Reverse Engineering Malware (GREM)
? GIAC Network Forensic Analyst (GNFA)
? GIAC Advanced Smartphone Forensics (GASF)


Management, Audit, Legal


As businesses continue to realize the importance of cybersecurity, security teams now have more responsibility than ever before. With this responsibility, leading information security professionals must now possess management and security skills. The following GIAC certifications build and prove this InfoSec management knowledge:


? GIAC Security Leadership (GSLC)
? GIAC Systems and Network Auditor (GSNA)
? GIAC Information Security Professional (GISP)
? GIAC Law of Data Security & Investigations (GLEG)
? GIAC Certified Project Manager (GCPM)




Designed for developers, these cybersecurity certifications cover secure coding principles and in-depth technical knowledge critical to developing secure applications. There are three Developer certifications:


? GIAC Secure Software Programmer-Java (GSSP-JAVA)
? GIAC Certified Web Application Defender (GWEB)
? GIAC Secure Software Programmer-.NET (GSSP-.NET)


Industrial Control Systems


Industrial Control Systems (ICS) — think automated machines found in factories and civic infrastructure — can be vulnerable to cyber criminals, especially given the rise of poorly secured and regulated IoT technology. Luckily, the GICSP certification proves a security professional's ability to combine IT, cybersecurity and engineering best practices to secure an ICS.


? GIAC Global Industrial Cyber Security Professional (GICSP)
? GIAC Response and Industrial Defense (GRID)


GIAC Security Expert (GSE) Certification


The GIAC GSE is among the most prestigious certifications in IT security and singles out candidates who have mastered the wide variety of skills and knowledge required by top security professionals.


This certification is aimed at candidates who are committed to mastering every element of information security. Unsurprisingly, the prerequisites for this top-tier certification are lengthy and complex with dozens of potential options. More information on the GSE certification can be found here.




GIAC Gold is a second tier of certification that requires the completion of a technical paper covering one relevant area of information security. This advanced certification proves both a candidate's knowledge in the subject area as well as their ability to effectively communicate this knowledge.


Pass any GIAC certification and you'll get the option to apply for GIAC Gold. Applicants will work closely with a GIAC Gold advisor to define and complete a technical report. If the report is approved, candidates will receive GIAC Gold status and their report will be accepted into the SANS Reading Room.


Renewal information


To recertify a GIAC certification, professional must gain 36 Continuing Professional Education Credits (CPE) and pay a $399 renewal fee every four years. CPEs can be gained in a variety of ways, and the rules can be complex. For more information, take a look at this infographic from GIAC.


GIAC Security Expert (GSE) credentials can only be maintained by retaking the GSE exam. Doing so will renew all other certifications held.


Would you like more insight into the history of hacking? Check out Calvin's other articles about historical hackery:
About the Author
Alex Bennett of Firebrand Training

Alex Bennett is a technical writer for Firebrand Training. Working at the forefront of the IT training industry, Alex uses his insider knowledge to write regularly on IT security, networking and cloud technology.