The Global Information Assurance Certification (GIAC®) entity was founded by the SANS Institute in 1999. GIAC certifications cover a wide variety of security domains and vary from management and leadership to deep levels of penetration testing, reverse engineering and more. We offer courses to train and prepare you for the following GIAC certification exams.

Find a course for you

GSEC - GIAC Security Essentials

The GSEC certification is more advanced than GISF and tests more in-depth knowledge of security concepts. This includes an understanding of theoretical topics, including access control theory, legal aspects of incident handling and incident handling fundamentals, as well as more practical aspects, such as dealing with wireless attacks, implementing defense in depth, reading packets and securing Windows Server services.

GPEN - GIAC Penetration Tester

The GPEN certification assesses a candidate's knowledge of network and system design as well as how to discover vulnerabilities. It tests a candidate's knowledge around performing advanced password attacks, scanning for vulnerabilities, scanning for and profiling interesting targets, carrying out post exploitation methods and performing web application attacks. Candidates should possess basic knowledge of exploitation and the pentesting process.

GCIH - GIAC Certified Incident Handler

The GCIH is an entry-level certification in the penetration testing domain. It tests a candidate’s knowledge around understanding an incident, detecting an incident, using various tools to understand attacker tactics and understanding different types of attacks, such as buffer overflows, password attacks, session hijacking, the OWASP Top 10 and more.

GCIA - GIAC Certified Intrusion Analyst

The GCIA certification tests a candidate’s knowledge of configuring and monitoring intrusion detection systems to analyze network traffic. Candidates must possess skills such as IDS tunneling and application layer protocol dissection as well as an understanding of fragmentation attacks, IDS/IPS fundamentals, IP packet header analysis and working knowledge of important tools, such as tcpdump and Wireshark.

GWAPT - GIAC Web Application Penetration Tester

The GWAPT certification focuses on web application pentesting and requires the candidate to have in-depth knowledge of how some known web application attacks work. Examples of attacks include cross site request forgery (CSRF), cross site scripting (XSS) and injection attacks, such as SQL injection and command injection. Candidates should also know how to profile an application and look for weak areas.

GNFA - GIAC Network Forensic Analyst

The GNFA certification assesses a candidate's knowledge of network forensics. The candidate must possess knowledge of common network protocols and their inherent risks, including wireless networks, various encryption and encoding techniques, and network proxies, as well as the ability to correlate network logs with other log sources to perform advanced analysis.

GCWN - GIAC Certified Windows Security Administrator

The GCWN certification assesses the candidate’s knowledge of securing Windows components such as PKI, IPsec, Group Policy and PowerShell. The candidate must possess skills to configure endpoint protection on Windows, including AppLocker, firewalls and Windows audit policies as well as the ability to plan and implement PKI and secure PowerShell through code signing, constraint modes, and user access control restrictions.

GCFA - GIAC Certified Forensic Analyst

The GCFA is an advanced-level forensic certification that assesses a candidate's knowledge and skills in conducting a typical incident investigation. The candidate must possess the ability to identify malicious activity on systems, analyze the timeline of activities, and collect and analyze data from volatile data sources. Candidates must also have a thorough understanding of Windows artifacts and know how to identify critical artifacts from memory and analyze them for any malicious activity.

GMON - GIAC Continuous Monitoring Certification

The GMON certification tests the candidate’s knowledge of assessing and implementing defensible security architecture and its continuous monitoring. Candidates must possess the skills to control privilege levels of accounts and applications, knowledge of HIPS/HIDS/NIPS/NIDS/NGFW, understanding of security baseline configurations, knowledge of proxies and SIEM for continuous monitoring, and understanding of how to protect the perimeter from known attacks.

GPPA - GIAC Certified Perimeter Protection Analyst

The GPPA certification assess a candidate's knowledge around designing and configuring routers, switches and firewalls. This exam tests understanding around cloud stack models and perimeter security, basics of IP and ICMP version 6, implementation and configuring of NIPS/NIDS, understanding around wireless networks and security, and techniques such as stateful and static packet filtering.

GREM - GIAC Reverse Engineering Malware

The GREM certification is one of the most advanced-level certifications that GIAC offers. The certification assesses a candidate’s knowledge of assembly languages (for both 32 bit and 64 bit), static and dynamic analysis of malware, using memory forensics for malware analysis, uncovering malicious executables and browser scripts, and using debuggers and dissemblers.

Meet some people who we’ve helped get certified

Without any question, InfoSec has the most gifted individual instructors. Our instructor for this class was both an excellent educator and a premier/world class security expert. He was able to clearly explain and impart to the students, the most complicated security techniques I have ever heard of or imagined. I simply can not find the words to recommend him and Infosec security training more highly.
I have attended 4 othe workshops like this but Infosec's is by far the best one and I already have recommended them to my colleagues and other IT Professionals. I believe that a students learning experience is reflective of the teacher's aptitude and knowledge on the subject and the skill to covey the information. Great instructor, great class.