The Global Information Assurance Certification (GIAC®) entity was founded by the SANS Institute in 1999. GIAC certifications cover a wide variety of security domains and vary from management and leadership to deep levels of penetration testing, reverse engineering and more. We offer courses to train and prepare you for the following GIAC certification exams.

Find a course for you

GSEC - GIAC Security Essentials

The GSEC certification is more advanced than GISF and tests more in-depth knowledge of security concepts. This includes an understanding of theoretical topics, including access control theory, legal aspects of incident handling and incident handling fundamentals, as well as more practical aspects, such as dealing with wireless attacks, implementing defense in depth, reading packets and securing Windows Server services.

GCIH - GIAC Certified Incident Handler

The GCIH is an entry-level certification in the penetration testing domain. It tests a candidate’s knowledge around understanding an incident, detecting an incident, using various tools to understand attacker tactics and understanding different types of attacks, such as buffer overflows, password attacks, session hijacking, the OWASP Top 10 and more.

GPEN - GIAC Penetration Tester

The GPEN certification assesses a candidate's knowledge of network and system design as well as how to discover vulnerabilities. It tests a candidate's knowledge around performing advanced password attacks, scanning for vulnerabilities, scanning for and profiling interesting targets, carrying out post exploitation methods and performing web application attacks. Candidates should possess basic knowledge of exploitation and the pentesting process.

GWAPT - GIAC Web Application Penetration Tester

The GWAPT certification focuses on web application pentesting and requires the candidate to have in-depth knowledge of how some known web application attacks work. Examples of attacks include cross site request forgery (CSRF), cross site scripting (XSS) and injection attacks, such as SQL injection and command injection. Candidates should also know how to profile an application and look for weak areas.

GMOB - GIAC Mobile Device Security Analyst

The GMOB certification targets individuals who are interested in mobile device security. This certification requires the candidate know how to capture and interpret network traffic, unlock and root mobile devices, understand different mobile operating systems, perform full penetration testing to identify weakness, and understand mitigation strategies against stolen mobile device and malware.

GAWN - GIAC Assessing and Auditing Wireless Networks

The GAWN certification tests the knowledge of assessing wireless networks, including understanding a basic wireless network and its components; understanding weak encryption methods and how to attack them; securing and attacking WPA2, Zigbee, and DECT; sniffing and analyzing wireless traffic; performing Bluetooth low-energy and RFID high-frequency attacks; and creating and identifying rogue access points.

GXPN - GIAC Exploit Researcher and Advanced Penetration Tester

The GXPN is an advanced-level certification for penetration testers that assesses a candidate's knowledge around advanced stack smashing with some OS-level mitigation, advanced fuzzing techniques, assessing and exploiting the network, post-exploitation lateral movement, Windows/Linux system and memory exploitation, writing advanced-level shellcodes and understanding weaknesses of various cryptographic implementations.

GRID - GIAC Response and Industrial Defense

The GRID certification tests a candidate’s knowledge of performing active defense strategies for ICS systems. Candidates must possess skills to detect, analyze and perform threat analysis in an ICS environment as well as have knowledge around digital forensics focusing on ICS components and network monitoring within ICS environments.

GCIP - GIAC Critical Infrastructure Protection

The GCIP certification tests the candidate’s knowledge of NERC CIP regulatory requirements, BES reliability operating systems, BES cyber asset identification, electronic security perimeter architecture, malicious communication detection, external routable connectivity communication, and more.

GISF - GIAC Information Security Fundamentals

The GISF is an entry-level certification for security professionals. The certification tests a candidate’s knowledge around access control, authentication and authorization; basic understanding of cryptographic algorithms; understanding of network protocols and attacks; and understanding of defending systems from threats.

GCED - GIAC Certified Enterprise Defender

The GCED certification tests a candidate’s knowledge of network protocols and their weakness as well as ways to defend against those weaknesses. The candidate must understand VAPT concepts, performing forensics on network logs and malware, static and dynamic analysis of malware, the concepts of incident response and more.

GPPA - GIAC Certified Perimeter Protection Analyst

The GPPA certification assess a candidate's knowledge around designing and configuring routers, switches and firewalls. This exam tests understanding around cloud stack models and perimeter security, basics of IP and ICMP version 6, implementation and configuring of NIPS/NIDS, understanding around wireless networks and security, and techniques such as stateful and static packet filtering.

GCIA - GIAC Certified Intrusion Analyst

The GCIA certification tests a candidate’s knowledge of configuring and monitoring intrusion detection systems to analyze network traffic. Candidates must possess skills such as IDS tunneling and application layer protocol dissection as well as an understanding of fragmentation attacks, IDS/IPS fundamentals, IP packet header analysis and working knowledge of important tools, such as tcpdump and Wireshark.

GCWN - GIAC Certified Windows Security Administrator

The GCWN certification assesses the candidate’s knowledge of securing Windows components such as PKI, IPsec, Group Policy and PowerShell. The candidate must possess skills to configure endpoint protection on Windows, including AppLocker, firewalls and Windows audit policies as well as the ability to plan and implement PKI and secure PowerShell through code signing, constraint modes, and user access control restrictions.

GCUX - GIAC Certified Unix Security Administrator

The GCUX certification tests the candidate’s knowledge of securing and auditing UNIX and LINUX systems. Candidate must possess skills such as implementing best practices for kernel security and have a thorough understanding of chroot() strengths and weakness, BIND and DNSSEC, maintaining iptables; the advantages and limitations of SeLinux, stack smashing, configuration of sudo and syslog-ng, and more.

GMON - GIAC Continuous Monitoring Certification

The GMON certification tests the candidate’s knowledge of assessing and implementing defensible security architecture and its continuous monitoring. Candidates must possess the skills to control privilege levels of accounts and applications, knowledge of HIPS/HIDS/NIPS/NIDS/NGFW, understanding of security baseline configurations, knowledge of proxies and SIEM for continuous monitoring, and understanding of how to protect the perimeter from known attacks.

GCCC - GIAC Critical Control Certification

The GCCC certification tests the candidate's knowledge of implementing critical security controls recommended by the Council on Cybersecurity. The candidate must possess knowledge of securing account access, implementing secure configurations for network devices, blocking malware, inventory and control of hardware and software assets, implementing controlled admin access and implementing secure principles, such as need to know and protecting data at transit, in storage and at rest.

GCFE - GIAC Certified Forensic Examiner

The GCFE certification assesses a candidate’s knowledge and skill in conducting typical incident investigations. The candidate must possess the ability to profile systems and devices; an understanding of critical OS artifacts, such as files, the registry, and browser artifacts; the ability to acquire, prepare and preserve digital evidence; and an understanding of critical Windows events.

GCFA - GIAC Certified Forensic Analyst

The GCFA is an advanced-level forensic certification that assesses a candidate's knowledge and skills in conducting a typical incident investigation. The candidate must possess the ability to identify malicious activity on systems, analyze the timeline of activities, and collect and analyze data from volatile data sources. Candidates must also have a thorough understanding of Windows artifacts and know how to identify critical artifacts from memory and analyze them for any malicious activity.

GNFA - GIAC Network Forensic Analyst

The GNFA certification assesses a candidate's knowledge of network forensics. The candidate must possess knowledge of common network protocols and their inherent risks, including wireless networks, various encryption and encoding techniques, and network proxies, as well as the ability to correlate network logs with other log sources to perform advanced analysis.

GASF - GIAC Advanced Smartphone Forensics

The GASF certification tests a candidate’s knowledge of forensic examinations of mobile phones and tablets. The candidate must possess knowledge around mobile OS platforms such as iOS, Android and Blackberry, including file system knowledge. Candidates must also know how to analyze and interpret user activity; know how to securely collect, store and backup evidence; and understand the tools and techniques used to identify mobile malware and decompile it.

GREM - GIAC Reverse Engineering Malware

The GREM certification is one of the most advanced-level certifications that GIAC offers. The certification assesses a candidate’s knowledge of assembly languages (for both 32 bit and 64 bit), static and dynamic analysis of malware, using memory forensics for malware analysis, uncovering malicious executables and browser scripts, and using debuggers and dissemblers.

GWEB - GIAC Web Application Defender

The GWEB certification requires candidates to demonstrate and understand various weaknesses in web applications. The certification assesses a client’s knowledge of access control attacks and mitigation strategies, AJAX and attacks around it, injection attacks such as SQL and command injection, and XSS and CSRF attacks and their mitigation, as well as knowledge of various configurations of hardening and secure architecture of web applications.

GSSP-JAVA - GIAC Secure Software Programmer - Java

The GSSP-JAVA certification requires the candidate to possess skills around writing secure code and identifying weakness in existing Java code. This certification assesses the candidate’s understanding of the Java platform's features around authentication and authorization, session management and cryptography.

GSSP-NET - GIAC Secure Software Programmer - .Net

The GSSP-NET certification requires the candidate to possess skills in writing secure code and identify weakness in existing .Net code. This certification assesses the candidate’s understanding of .Net Framework security, .Net authentication & authorization, .Net data validation, .Net encryption, .Net error handling and .Net session management.

Meet some people who we’ve helped get certified

I have attended 4 other workshops like this but InfoSec's is by far the best one, and I already have recommended them to my colleagues and other IT professionals. I believe that a student's learning experience is reflective of the teacher's aptitude and knowledge on the subject and the skill to covey the information. Great instructor, great class.
Without any question, InfoSec has the most gifted individual instructors. Our instructor for this class was both an excellent educator and a premier/world class security expert. He was able to clearly explain and impart to the students, the most complicated security techniques I have ever heard of or imagined. I simply can not find the words to recommend him and Infosec security training more highly.