nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Gweb

Bl8ckr0uter

Information Security Certification - GIAC

Anyone heard of this exam or have plans to do it? Looks interesting.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

docrice

I'd highly be interested in hearing about this as well. It's apparently a very new offering from SANS / GIAC. Something that causes me to hesitate, however, is that it's aimed towards developers, something that I clearly am not. The course description seems to imply that it's high-level enough that you don't need to have a programming background to benefit, but I wonder if that's really so.

Here's the description if anyone's interested:

http://www.sans.org/security-training/defending-web-applications-security-essentials-1442-mid

Some more info:

http://software-security.sans.org/blog/2011/03/25/gweb-web-application-security-certification

If I had to make an uninformed assessment, perhaps the OSCP would be a more cost-effective approach in learning the same material.

Bl8ckr0uter

Target

Developers, Web Application Security Analysts, Auditors, Penetration Testers, Security Professionals responsible for web application security and anyone interested in learning the concepts of securing web applications.

It is probably similar to the GWAPT where a development background would be helpful but not required. So now I have two courses I'd really like to take. GCED and GWEB. I think they would be good when paired with gpen and gwapt.