Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
GIAC
GIAC GWEB Certification
DragonAge
I had taken DEV 522 course from SANS 4 months back which maps to GIAC Certified Web Application Defender (GWEB) certification. I am planning to take the exam within 10 days. I got around 80 % in the practice test. People say that this certification is tuff. It goes in depth into the web application defense. Minimum passing score for this certification is 68%.
Could someone please guide me, Am I good to go for actual test with 80% score in practice test after going through weak topics once again . If someone had taken this certification , please advise how close will be the actual test compared to practice test.
I really wanted to get >= 90% in certification to be part of advisory board . Please advise.
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
docrice
I don't know anyone who has gone through 522 and sat the GWEB exam. That said, out of the five GIAC exams that I've sat for, I'd say the practice exams felt very close in the experience to the real exam. When you're taking the real test, you might be more nervous or there might be other factors in play. If you really want the 90+ score, I'd recommend ensuring that your index is complete for you and that you review everything.
Also, call ahead to your testing facility and make sure they understand that this is an open-book exam. Many Pearson VUE centers are not aware of this and there have been reported problems at some locations as the staff wasn't sure how to handle this.
DragonAge
Thanks docrice. Will let you know once I finish my GWEB cert. Will make sure Index is complete. During my practice test they were very few questions may be 5% are direct questions, rest of the questions are more kind of scenario based and it definitely require your application security skill and the concepts learnt during the course to apply. As per my colleagues , this exam is kind off different from other GIAC exams.
paul78
I'm curious if you found that course useful. The course seemed long in duration to cover the OWASP top 10.
I've only taken two SANS courses and I'm not a big fan of SANS. The price to value just doesn't seem to be justified. But every time that I swear off SANS, I find an interesting course like SEC522 and SEC642 that I consider.
Good luck on the GWEB.
DragonAge
I am from development and Web Application pentesting background, this course was really usefull for me in terms of defense since I learnt a lot more on defending the web applications. This is definitely a good course for pen testers who are interested in learning about the defense.
I2Secure
nice to hear that i would wish you best of luck
gaurav.gauravagarwal
Guys, Is there any study guide available to prepare for this exam? I could not find any
paul78
Gaurav - the official materials from SANS are really the only materials available. As a for-profit business, SANS protects its materials very closely because the business model is to drive people towards purchasing their training. To my knowledge, SANS does not license their materials to other third parties.
LionelTeo
your best bet is to dig up amazon for similar 2-3 books that covers up 1000 pages in total. Index it well and use it against a practice test and see how far you do. Before pouring the rest of the money in the actual exam.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
