GIAC Cloud Security Automation (GCSA) icon

GIAC Cloud Security Automation (GCSA)

Practitioner Certification

The GIAC Cloud Security Automation (GCSA) certification validates a practitioner's understanding of the DevSecOps methodology and toolchains, and skill in implementing security controls throughout automated secure DevOps pipelines. GCSA certification holders have demonstrated knowledge of the tools, security controls, and configuration required to improve reliability, integrity, and security of cloud-hosted systems.

Accreditations:

Areas Covered

  • DevOps and DevSecOps fundamentals, Secure Infrastructure and Configuration Management
  • Securing Cloud Architecture, Continuous Security Monitoring
  • Data and Secrets Protection, Compliance
  • Security and Automation related to Deployment, Runtime and Content Delivery

Who is GCSA for?

  • Anyone working in a public cloud or DevOps environment
  • Developers
  • Software architects
  • Operations engineers
  • System administrators
  • Security analysts and engineers
  • Auditors
  • Risk managers
  • Security consultants

Exam Format

  • 1 proctored exam
  • 75 questions
  • 2 hours
  • Minimum passing score of 61%

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

Exam Certification Objectives & Outcome Statements

  • Microservice Security
    The candidate will demonstrate an understanding of microservice architecture and implementation in a DevOps environment. The candidate will show familiarity with the architecture's attack surface and appropriate security controls used in various architectural designs and conditions.
  • Automated Remediation
    The candidate wil show familiarity with event-based monitoring systems, alerting and security automation tools, and cloud management tools like Cloud Custodian.
  • Compliance as Code
    The candidate will demonstrate an understanding of the Secure DevOps auditing controls and how to leverage automated scanners to automate policy requirements.
  • Configuration Management as Code
    The candidate will demonstrate an understanding of managing infrastructure using programmable configuration management toolsets. The candidate will demonstrate an understanding of the new attack surfaces presented by CI, CD, and CM tools and familiarity with techniques for how to harden these tools.
  • Container Security
    The candidate will demonstrate an understanding of container security issues, hardening containerized environments, container orchestration tools, and running these workloads in the cloud.
  • Continuous Security Monitoring
    The candidate will demonstrate an understanding of what metrics and monitoring tools are needed to inform security efforts in cloud and DevOps environments. The candidate will show familiarity with how this data is collected, parsing log files, network collection, setting thresholds, and alerting the security team.
  • Deployment Orchestration and Secure Content Delivery
    The candidate will demonstrate an understanding of deployment patterns, such as canary and blue/green deployment processes, their benefits, and how to choose which approach is appropriate for a given situation. The candidate will demonstrate familiarity with the purposes and issues involved with using Content Delivery Networks (CDN). The candidate will show understanding of methods to safely bypass the Same Origin Policy, CDN configuration practices and issues, and demonstrate ways that access to CDN content can be controlled securely.
  • DevOps Fundamentals
    The candidate will demonstrate familiarity with Secure DevOps fundamentals and culture, including terminology, automation, cloud infrastructure integration, and security risks.
  • DevSecOps Security Controls
    The candidate will demonstrate an understanding of the DevOps deployment pipeline and security considerations for each step of the Continuous Delivery and Continuous Integration processes.
  • Kubernetes Security
    The candidate will demonstrate an understatnding of container runtimes and orchestrators, such as Kubernetes, and their security. The candidate will show familiarity with Kubernetes access control, namespaces, service accounts, secrets, and AWS and Azure Kubernetes Services, as well as container runtime security controls.
  • Runtime Security Protection
    The candidate will demonstrate an understanding of virtual patching in the cloud using Security as a Service, such as the Web Application Firewall. The candidate will demonstrate an understanding of how to configure those services to protect against common website attacks.
  • Secrets Administration
    The candidate will demonstrate an understanding of cloud secret keepers and vaults. The candidate will demonstrate an understanding of storing and retrieving sensitive data in these services.
  • Secure Infrastructure as Code
    The candidate will demonstrate an understanding of setting up and managing cloud infrastructure via code. The candidate will show familiarity with cloud provider and third-party tools used to manage cloud infrastructure resources.
  • Securing Cloud Architecture
    The candidate will demonstrate an understanding of securing cloud architecture using Continuous Integration / Continuous Deployment / Continuous Delivery pipelines. The candidate will show familiarity with Azure and AWS toolsets to track work items, code, test, build, and release, and how each stage is secured and automated.
  • Serverless Security
    The candidate will demonstrate familiarity with serverless architectures, their features, advantages, security concerns, and tactics for deploying effective security in serverless implementations.

Other Resources

  • Training is available in a variety of modalities including live training and OnDemand
  • Practical work experience can help ensure that you have mastered the skills necessary for certification.
  • College level courses or self paced study through another program or materials may meet the needs for mastery.
  • Get information about the procedure to contest exam results.

Practice Tests

  • These tests are a simulation of the real exam allowing you to become familiar with the test engine and style of questions.
  • Practice exams are a gauge to determine if your preparation methods are sufficient.
  • The practice bank questions are limited so you may encounter the same question on practice tests when multiple practice tests are purchased.
  • Practice exams never include actual exam questions.
  • Purchase a GCSA practice test here.
  • GIAC recommends leveraging additional study methods for test preparation.

Find Affiliate Training

Explore affiliate training options to prepare for your GIAC certification exam.