Welcome to the TechExams.net SANS GIAC Certifications Forum!

This forum is for all discussions about the SANS Institute, SANS courses, and GIAC certifications. Discussion about the SANS Technology Institute may be found here or in the TechExams.net IT Jobs / Degrees forum.

"GIAC certifications? I thought these were SANS certs!"

Global Information Assurance Certification (GIAC) is an information security certification organization that offers vendor-neutral security certifications in a wide variety of fields in Information Security. GIAC was founded by the The SANS (SysAdmin, Audit, Networking, and Security) Institute in 1999. SANS is a private US company, founded in 1989, that specializes in computer and network security training, and security research and archives. SANS also offers professional IT security certification through GIAC. For this reason, GIAC certifications are commonly--and erroneously--referred to as "SANS certifications."

GIAC Certifications

There are over 20 GIAC certifications from which to choose, and no limit on the number of certs you may achieve. All GIAC certs have an associated SANS training course, or set of courses, that are recommended to attend prior to attempting certification. There are no prerequisites to sit for any GIAC certification exam.

The entry-level GIAC certification is the GIAC Information Security Fundamentals (GISF). The GISF cert is recommended for people who are not necessarily InfoSec professionals, but need a broad understanding of InfoSec requirements, policies, and procedures.

The foundation GIAC certification is the GIAC Security Essentials (GSEC). The GSEC cert is for IT professionals who work with security issues and are capable of demonstrating practical knowledge in an exam. The GSEC is considered to be the foundation certification for all SANS training tracks.
The following is a complete listing of GIAC certifications in alphabetical order:

G2700 - GIAC Certified ISO-27000 Specialist
GAWN - GIAC Assessing and Auditing Wireless Networks
GCED - GIAC Certified Enterprise Defender
GCFA - GIAC Certified Forensic Analyst
GCFE - GIAC Certified Forensics Examiner
GCFW - GIAC Certified Firewall Analyst
GCIH - GIAC Certified Incident Handler
GCIA - GIAC Certified Intrusion Analyst
GCPM - GIAC Certified Project Manager Certification
GCUX - GIAC Certified UNIX Security Administrator
GCWN - GIAC Certified Windows Security Administrator
GISF - GIAC Information Security Fundamentals
GISP - GIAC Information Security Professional
GSLC - GIAC Security Leadership Certification
GLEG - GIAC Legal Issues
GSSP-JAVA - GIAC Secure Software Programmer - Java
GSSP-NET - GIAC Secure Software Programmer - .NET
GPEN - GIAC Penetration Tester
GREM - GIAC Reverse Engineering Malware
GSE - GIAC Security Expert
GSEC - GIAC Security Essentials
GSNA - GIAC Systems and Network Auditor
GWAPT - GIAC Web Application Penetration Tester

As of January 30, 2011, GIAC claims to have granted a total of 34,772 certifications worldwide. The current number is displayed on the GIAC Home Page.

GIAC has a Code of Ethics that must be signed by each certification candidate. As of July 1, 2011, GIAC claims to have revoked 106 certifications for ethics violations, including plagiarism and violations of exam Non-Disclosure Agreements.

GIAC Certification Categories

Many GIAC certifications are paired to a specific career type in Information Security. Some of these pairings include:

GSEC - Security Analyst
GCED - Senior Security Analyst
GCIA - Intrusion Analyst
GCIH - Incident Handler
GPEN - Penetration Tester
GCFA - Computer Forensics Analyst
GSLC - Information Security Manager
GSNA - Information Security Auditor
GREM - Malware Analyst

GIAC certifications paths are also grouped based on specific fields related to Information Security:

Auditing: GSEC, GISF, GSNA
Computer Forensics: GCFE, GCFA, GREM
Incident Handling: GSEC, GCIH, GCED, GCFA
Intrusion Analysis: GSEC, GCED, GCFW, GCIA
Legal: GISF, GSEC, GLEG
Management: GISF, GSEC, GSLC, GCPM, GISP
Penetration Testing: GSEC, GCIH, GGPEN, GWAPT, GWAN
Network Security: GSEC, GCED
Software Security: GWEB, GWAPT, GSSP-JAVA, GSSP-NET
System Administration: GSEC, GCED, GCWN, GCUX

More details can be found at the GIAC Certification Roadmap.

GIAC Security Expert (GSE)

The GSE is the top GIAC certification. Obtaining the GSE requires passing a multiple-choice exam and a hands-on lab. The perquisite for becoming GSE-certified is to have previously achieved three to five GIAC certifications from a wide range of selections.

To learn more about the GSE, visit Information Security Certification - GIAC or email gse@giac.org.

GIAC Gold Status

Passing a GIAC exam earns a Silver certification status, denoted by a silver GIAC certification logo. The certification holder may opt to achieve Gold status for the certification by writing a technical white paper on a topic from the certification and submitting it for judging (along with a fee) to an advisor. If the paper is found to have a passing score based on a published rubric, the cert holder is promoted to Gold status and may display the gold GIAC certification logo.

GIAC Exam Testing Centers

All GIAC exams are proctored and administered through Pearson VUE at more than 3,500 testing centers worldwide. For more information on GIAC testing, check out the GIAC FAQ.

GIAC Certification Challenge

Because no specific training is required to achieve any GIAC certification, it is also possible to challenge a GIAC certification without attending SANS online or face-to-face training. The current cost is $999US to challenge a GIAC exam. For more information on challenging GIAC exams, check out the GIAC Exam Challenge and Registering for GIAC Certification pages.

GIAC Certification Maintenance, Expiration, and Re-certification

GIAC certifications are valid for four years. After two years, the cert holder is given the opportunity to re-certify by collecting Certification Maintenance Units (CMU) prior to the expiration date of the certification. Collecting 36 CMUs over two years is currently required to maintain a single GIAC certification. (Passing a single GIAC exam will earn a candidate 36 CMUs.) If a certification expires before the cert holder re-certifies, the certification exam must be retaken to re-certify.

Only five GIAC certifications (GSEC, GSLC, GCFA, GCIH, GCIA) are currently ISO/IEC 17024 accredited.

To get more information on GIAC certification maintenance, visit Information Security Certification - GIAC, or email cert-renewal@giac.org.

SANS OnDemand Courses

SANS OnDemand courses are a pre-recorded alternative to live, classroom-based SANS courses. The OnDemand format allowed 4 months of 24/7 access to the online training & assessment system, course book(s), hands-on cd/dvd & virtual labs (if applicable), MP3 audio files and access to OnDemandVirtual Mentors. The associated GIAC certification may be taken after the completion of each OnDemand course. Online demonstrations of all SANS OnDemand courses are available.

For more information, visit the SANS OnDemand FAQ.

DoD Directive 8570.01

Many GIAC certifications are accepted by the US Department of Defense per DoD Directive 8570.01, including GSEC, GCED, GSLC, GCWN, GCUX, GCIH, GSIF, GCIA, and GSNA.

To get more information on GIAC certification accepted by the DoD, visit SANS: DoDD 8570 and GIAC Certification or email 8570@sans.org.

SANS Cyber Guardian Program

From the SANS Cyber Guardian Program Web page:

The Cyber Guardian program provides intensive, hands-on training for both Red (offensive) and Blue (defensive) teams. Participants must successfully complete four core courses and the corresponding certifications as well as pass the GSE exam within two years of starting the program. After completing all four core courses and exams, candidates will choose their specialization and complete one more course and certification. Upon the successful completion of all courses and certifications, candidates will finish the program by taking and passing the GSE (GIAC Security Expert) exam and joining the elite group of GSE certified professionals.

SANS Technology Institute

The SANS Technology Institute (STI) is a Masters-level educational institution opened in 2008. STI currently offers Masters of Science degrees in Information Security Management (MSISM) and Information Security Engineering (MSISE).

The courses offered in the STI curriculum are not the SANS workshop courses. GIAC certifications are acceptable for some prerequisites.

SANS offers free security content via the SANS Technology Institute Leadership Lab and IT/Security-related leadership information.

STI is authorized by the Maryland Higher Education Commission
(MHEC) to award the Master of Science Degree.
As of 2011, STI is not yet regionally accredited by the Council for Higher Education Accreditation (CHEA). Candidate for Accreditation status was granted in March 2010.

STI is not currently an NSA Center of Academic Excellence (CAE).

To get more information on the SANS Technology Institute, visit www.sans.edu/admissions or email info@sans.edu.

Recommended GIAC Study Resources

Check this discussion thread for GIAC study resources that have been recommended as very useful by TechExam.net members.

SANS Institute Web Pages

Information Security Certification - GIAC
Forensics, Management, Information, IT Security Certifications - GIAC

SANS: Computer Security Training, Network Security Research, InfoSec Resources
Computer Security Training, Network Security Research, InfoSec Resources

ISC Home | SANS Internet Storm Center; Cooperative Network Security Community - Internet Security
isc Home | SANS Internet Storm Center; Cooperative Network Security Community - Internet Security

Masters Degree in Information Security - SANS Technology Institute
Masters Degree in Information Security - SANS Technology Institute

SANS: Computer Security Training, Network Security Research, InfoSec Resources
Computer Security Training, Network Security Research, InfoSec Resources

SANS - IT Audit with David Hoelzer
SANS - IT Audit with David Hoelzer

SANS Computer Forensics Training, Incident Response with Rob Lee
SANS Computer Forensics Training, Incident Response with Rob Lee

SANS Information Security Reading Room - Computer Security White Papers
SANS: Information Security Reading Room - Computer Security White Papers

GIAC-certified professionals online directory
www.giac.org/certified-professionals/directory

SANS Institute Twitter Feeds
SANS Institute Twitter Feeds

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

techcdn_infosec

Hello JD,

Any idea, to have GCPM is there any pre-requiste.

Thx

JDMurray

There are no prerequisites for any GIAC exam. All you need do is decide how you will qualify take the exam (classroom, vLive, OnDemand, self-study, challenge, etc.).

TechGromit

JDMurray wrote: »

As of December 2, 2015, GIAC claims to have granted a total of 74,632 certifications worldwide. The current number is displayed on the GIAC Home Page.

For all the certifications they offer? Seems low. Currently GSEC is at #37891, GCIH is currently at 26612, GCIA 8800, GCFA 11331, that adds up to 84,634, not counting the other certifications they offer. Either someone at SANS is bad at math or were not getting the whole story here. Is it possible this is the number of certified professionals only count certifications currently in effect? Are expired certifications subtracted from the total?

TechGromit

I posed the question to SANS.ORG and they said the Certification numbers are not sequential, even though it says #37891, there are really only around 17,000 people that hold the GSEC certification. So there are gaps in the numbering, other GIAC certifications have similar gaps. SANS.ORG didn't give any clarification why they do this, my best guess is they are counting exam attempts, so if people 1,2,4,6 pass the exams, and people 3 and 5 fail, this would explain why there are gaps. If this is indeed true, this would give the test a 46% passing rate.

Follow up:
I asked SANS.ORG if this was so, they denied that they are counting exam attempts, but really didn't offer an explication why the Analyst numbers have gaps/skip numbers.

wwjd1004

Can we update the GIAC Certification Maintenance, Expiration, and Re-certification section? It's been updated. How to Renew Your GIAC Security Certification

gwood113

Just a note: GIAC Certified Firewall Analyst (GCFW) is now GIAC Certified Perimeter Protection Analyst (GPPA).

Okarabulut

Which one is the start level from these certifications below;

GSEC - Security Analyst
GCED - Senior Security Analyst
GCIA - Intrusion Analyst
GCIH - Incident Handler
GPEN - Penetration Tester
GCFA - Computer Forensics Analyst
GSLC - Information Security Manager
GSNA - Information Security Auditor
GREM - Malware Analyst

JDMurray

The GSEC is the one you would start at.

Okarabulut

Thank you so much.

E Double U

Okarabulut said:

Which one is the start level from these certifications below;

GSEC - Security Analyst
GCED - Senior Security Analyst
GCIA - Intrusion Analyst
GCIH - Incident Handler
GPEN - Penetration Tester
GCFA - Computer Forensics Analyst
GSLC - Information Security Manager
GSNA - Information Security Auditor
GREM - Malware Analyst

If by start level you mean having absolutely no security knowledge then I would say GSEC. But if you mean where to begin with SANS in general, with some experience you can pick something else. GCIH was my first GIAC credential after a few years of security experience. I had completed CISSP earlier that year and CCNP Security the year prior.

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of