Global Information Assurance Certification

For the computer algebra system, see Giac (software).

Global Information Assurance Certification (GIAC) is an information security certification entity that specializes in technical and practical certification as well as new research in the form of its GIAC Gold program. SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked by The Escal Institute of Advanced Technologies.

Global Information Assurance Certification
GIAC

Founded	1999
Type	for-profit
Focus	Cybersecurity, Information Security, Software Security
Area served	Worldwide
Services	Professional Certifications
Owner	SANS
Website	www.giac.org

GIAC provides a set of vendor-neutral computer security certifications linked to the training courses provided by the SANS. GIAC is specific to the leading edge technological advancement of IT security in order to keep ahead of "black hat" techniques. Papers written by individuals pursuing GIAC certifications are presented at the SANS Reading Room on GIAC's website.

Initially all SANS GIAC certifications required a written paper or "practical" on a specific area of the certification in order to achieve the certification. In April 2005, the SANS organization changed the format of the certification by breaking it into two separate levels. The "silver" level certification is achieved upon completion of a multiple choice exam. The "gold" level certification can be obtained by completing a research paper and has the silver level as a prerequisite.

As of August 27, 2022, GIAC has granted 173,822 certifications worldwide.^[1]

SANS GIAC Certifications

Certifications listed as 'unavailable' are not listed in official SANS or GIAC sources, and are found elsewhere. They are not the same as retired courses.^[2]

Cyber Defense

Code	Name	Associated SANS Course[3]	Status
GFACT	GIAC Foundational Cybersecurity Technologies	SEC275
GISF	GIAC Information Security Fundamentals	SEC301
GSEC	GIAC Security Essentials Certification	SEC401
GSOC	GIAC Security Operations Certified	SEC450
GOSI	GIAC Open Source Intelligence	SEC487
GCLD	GIAC Cloud Security Essentials	SEC488
GCED	GIAC Certified Enterprise Defender	SEC501
GCIA	GIAC Certified Intrusion Analyst	SEC503
GCWN	GIAC Certified Windows Security Administrator	SEC505
GMON	GIAC Continuous Monitoring Certification	SEC511
GDSA	GIAC Defensible Security Architecture	SEC530
GCDA	GIAC Certified Detection Analyst	SEC555
GCCC	GIAC Critical Controls Certification[4]	SEC566
GDAT	GIAC Defending Advanced Threats	SEC599
GSIP	GIAC Secure Internet Presence	SEC615[5]	Unavailable
GSOC	GIAC Securing Oracle Certification		Retired

Penetration Testing

Code	Name	Associated SANS Course	Status
GEVA	GIAC Enterprise Vulnerability Assessor	SEC460
GCIH	GIAC Certified Incident Handler	SEC504
GWAPT	GIAC Certified Web Application Penetration Tester	SEC542
GPEN	GIAC Penetration Tester	SEC560
GCPN	GIAC Cloud Penetration Tester	SEC588
GPYC	GIAC Python Coder	SEC573
GMOB	GIAC Mobile Device Security Analyst	SEC575
GAWN	GIAC Assessing Wireless Networks	SEC617
GXPN	GIAC Exploit Researcher and Advanced Penetration Tester	SEC660

Management, Audit, Legal

Code	Name	Associated SANS Course	Status
GSAE	GIAC Security Audit Essentials	AUD410[6]	Unavailable
G7799	GIAC Certified ISO-17799 Specialist	AUD411[7]	Unavailable
GSNA	GIAC Systems and Network Auditor	AUD507
GISP	GIAC Information Security Professional	MGT414
GSLC	GIAC Security Leadership Certification	MGT512
GSOM	GIAC Security Operations Manager	MGT552
GCSC	GIAC Certified Security Consultant	MGT513[8]	Unavailable
GSTRT	GIAC Strategic Planning, Policy, and Leadership	MGT514
GCPM	GIAC Certified Project Manager	MGT525
GLEG	GIAC Legal Issues		Abeyance
G2700	GIAC Certified ISO-27000 Specialist		Retired

Operations

Code	Name	Status
GOEC [citation needed]	GIAC Operations Essentials Certification	Retired

Developer

Code	Name	Associated SANS Course	Status
GWEB	GIAC Certified Web Application Defender	SEC522	formally DEV522[9]
GPCS	GIAC Public Cloud Security	SEC510
GCSA	GIAC Cloud Security Automation	SEC540
GNET	GIAC .Net		Retired
GSSP C	GIAC Secure Software Programmer C		Retired

Incident Response and Forensics

Code	Name	Associated SANS Course	Status
GBFA	GIAC Battlefield Forensics and Acquisition	FOR498
GCFE	GIAC Certified Forensic Examiner	FOR500
GCFA	GIAC Certified Forensic Analyst	FOR508
GCFR	GIAC Cloud Forensics Responder	FOR509
GIME	GIAC iOS & Mac Examiner	FOR518
GNFA	GIAC Certified Network Forensic Analyst	FOR572
GCTI	GIAC Cyber Threat Intelligence	FOR578
GASF	GIAC Advanced Smartphone Forensics	FOR585
GREM	GIAC Certified Reverse Engineering Malware	FOR610

Industrial Control Systems

Code	Name	Associated SANS Course	Status
GICSP	GIAC Global Industrial Cybersecurity Professional	ICS410
GCIP	GIAC Critical Infrastructure Protection	ICS456
GRID	GIAC Response and Industrial Defense	ICS515

GSE

Code	Name	Status
GSE	GIAC Security Expert
GSE-Malware	GIAC Security Expert in Malware	Retired[10]
GSE-Compliance	GIAC Security Expert in Compliance	Retired[10]

Unobtainable Certifications

The following certifications are no longer issued.

Code	Name	Associated SANS Course	Status
GCUX	GIAC Certified UNIX Security Administrator	SEC506	Unobtainable[11]
GPPA	GIAC Certified Perimeter Protection Analyst		Unobtainable.[12] Formerly GCFW (Certified Firewall Analyst)
GSSP-JAVA	GIAC Secure Software Programmer Java	DEV541	Unobtainable[13]
GSSP-.NET	GIAC Secure Software Programmer .NET	DEV544	Unobtainable[14]

External links

• Official website