Certifications: Gold Overview

Certifications:

GIAC Gold status demonstrates that the certification holder understands and can communicate the knowledge and skills necessary in key areas of information security. GIAC Gold is your chance to shine and demonstrate not only your technical knowledge, but also your ability to write clearly. Once a Gold paper has been approved, it will be published in our Reading Room.

Candidates pursuing GIAC Gold status will work closely with an advisor to develop their technical report. Once complete, the technical report will be approved by the advisor for acceptance into the SANS Reading Room.

See current Gold Papers at The SANS Reading Room.


How to Apply

To suggest GIAC Gold topics, please use https://isc.sans.edu/goldtopics

Once you have earned a GIAC certification, you will have the option to apply for GIAC Gold. This option will appear in the Certification History section of your GIAC Exam Engine. Your certification must be valid while you are working on a Gold paper, so if your certification status is up for recertification during this process, you must complete the recertification attempt before your Gold paper can be accepted.

  • Log into your portal account.
  • Click on the "Certification History" link.
  • Click on the "Go Gold" link for the respective certification.
  • Complete the application form. The more initial information you provide on your proposed topic, the more likely it is to be accepted right away.
  • Your application will be reviewed in 1-2 weeks, at which point you will be assigned an advisor.
  • Pay a $499 fee once the application has been approved.
  • You will be contacted by a GIAC Gold Advisor within 5 business days.
  • If your application is rejected, you will be able to submit a revised application.

Process

  • GIAC Gold papers must be completed within 6 months of acceptance of the concept and receipt of payment.
  • An advisor will be assigned to you, and will be available to help you throughout the entire process.
  • Plan to start with a detailed outline and abstract within the first few days of the process.
  • A final concept, which should include a title, abstract and high level outline should be submitted within 10 days after the initial concept was accepted.
  • A final draft of the paper should be submitted no later than 5 month into the process.
  • By the end of the 6 months, the final draft of the Gold paper must be submitted to the advisor for official GIAC review.
  • The paper must also be reviewed and endorsed by at least 2 other advisors before Gold status can be granted.
  • Once the paper has been endorsed, it will be published in the SANS Reading Room with the author's name as well as the advisor's name.

A one-time only, 3 month extension may be granted if it is supported by your advisor. The cost for this extension is $269. Failure occurs if the paper does not reach an appropriate level of quality within the time allotted.

Grading

Your advisor will use the following grading rubric to evaluate your paper. Please make sure you and your advisor understand if the technical or management version of the rubric applies to your paper. A paper is considered a "pass" if you reach 70% (or a score of 49).

A paper can not pass if it exceeds 30 pages. All pages, including cover page and reference section count against this limit. An optional appendix does not count against the page limit. An Appendix may be appropriate to include long code listings or log files.

  • GIAC Gold Rubric
    (Thanks to our advisor Kees Leune for organizing this rubric.)

Advisors

GIAC Gold Advisors are drawn from experts in the field and the top performing certified individuals for a given certification. Each advisor has a proven track record in ability, interest, and participation in the security community.

Why would anyone want to serve as a Gold program advisor? Well, there are several reasons:

  • Advisors do get paid for their work as their time and input is invaluable to GIAC, the GIAC Gold candidate, and the security community.
  • Advisors play a significant role in the direction of continued research in their field.
  • Being an advisor is a great way to stay up on the latest changes in your field.
  • GIAC is the prominent worldwide information security certification and the GIAC Gold program advisors help us to maintain that path. They are the backbone to the program and a huge pillar supporting the defensive information community.

If you're interested in becoming a GIAC Gold Advisor, you may apply to be an advisor here.

Grievance Procedure

If a Gold program applicant or advisor would like to report a problem with a process or person, the following procedure should be followed.

  1. Send an email to ombudsman@giac.org with as much information and documentation of the situation as possible. Applicants should include their full name, registered email address, Portal ID, advisor's name, and any other contact information appropriate.
  2. The GIAC Ombudsman will contact the plaintiff to confirm the complaint has been received within five days.
  3. The GIAC Ombudsman will then review the situation as documented, and contact all applicable parties to discuss the problem.
  4. Within 15 days, the GIAC ombudsman will compile the information and present it by e-mail to the SANS Chief Research Officer along with recommendations on how to remedy the situation in a fair manner.
  5. The Chief Research Officer will send the student or advisor an e-mail response within 15 days with an explanation of the reasons for his decision. The decision of the Chief Research Officer will stand as final.
  6. In the event that the Ombudsman or Chief Research Officer are not reasonably available to make a decision within the above timelines, then the Deputy Director shall perform the function of the Ombudsman or Chief Research Officer as applicable.