Request for response on suitable GIAC certification including GCED

guyfawkes101guyfawkes101 Registered Users Posts: 2 ■□□□□□□□□□
Hi All,

I am an information security professional and have been in this field since 8 years now. I have authored books in enterprise and technical domains of infosec and have published half dozen research papers in advanced cryptography. I am also accredited with identifying 0day vulns on BB OS platform. My professional workex has been as permanent senior security managerial positions with companies like Microsoft, Deloitte and Adobe.

I do not have much trust in certifications as such but due to certain corporate directives, I will have to opt for a GIAC certification. From the brief description of my work profile, it could well be figured out, I have worked handson in all major domains of Infosec but my interest areas primarily lay in Network/App Pentesting (Fuzzing,Overflows,XSS,Injections,Input Validations, ATP,Malwares,Exploits,Scripting - Perl/Python) and Reverse Engineering (Hexcode,Binary analysis).

If I have to rank from the description of the courses, I would choose the following as top 3.
GCED: GIAC Certified Enterprise Defender
GPEN: GIAC Certified Penetration Tester
GXPN: GIAC Exploit Researcher and Advanced Penetration Tester

What I require is your kind indulgence in letting me know the popularity of above courses on following scale:
1) Market value - on scale of 1-5 in terms of employability and employer perception and awareness about the course

Further, any alternate GIAC certification you would like to recommend in hardcore handson InfoSec would be much appreciated.

Thanks in advance.


  • JDMurrayJDMurray Admin Posts: 12,868 Admin
    Welcome to TE! :D

    When doing market research on the desirability of certification by hiring managers, there is no better source of information than the job postings on job sites like,, etc. For example, doing a search for different GIAC certifications on will show that the GSEC is very desirable (because it is a generalist InfoSec cert, like the CISSP), GPEN is popular as a specialty cert (pen testing), and the GCED and GXPN are hardly known, if at all.

    These results do not necessarily reflect on the desirability of the topics covered by these certifications. Certs must be marketed by their respective vendors to become noticed by, and stay in demand, by the cert-consuming community. Some very good certs are hardly known because they are very weakly marketed (advertised). There is where a site like is invaluable to finding a concentration of opinions from the cert-consuming community. We help you to find not only the popular stuff, but also the hidden gold, and help you to avoid the cruft. Oh--and all for free. ;)
Sign In or Register to comment.