GIAC’s Founding & Mission

GIAC Certifications (previously Global Information Assurance Certification) was founded in 1999 to validate the skills of information security professionals. GIAC's purpose is to provide assurance that a certified individual has the knowledge and skills necessary for a practitioner in key areas of computer, information, and software security. GIAC certifications are trusted by thousands of companies and government agencies worldwide. GIAC certifications are unique because they measure specific skills and knowledge areas rather than general infosec knowledge. GIAC certifications are valid for four years. Students must review new course information and retake the exams or earn 36 CPEs every four years to remain certified. Different education and certification tracks are available for the following categories:

Program Growth

GIAC was the first true technical infosec certification. The first GIAC professionals were certified in February of 2000, and just under 1,000 candidates were certified in our first year alone. Currently to date, 173,822 GIAC certifications have been issued.

There are no prerequisites required to begin any of the GIAC certification attempts; however, we highly recommend taking a training course before your test. Even experienced infosec professionals will benefit from a review of various subject areas before the exam. Certification attempts have a 4-month access window, giving candidates adequate time to prepare for the certification exam.

470x382-start-journey.jpg

Ready to get certified? Start your GIAC certification journey here.

GIAC Disclaimer

The GIAC certification program only offers certification attempts to individual candidates, including verification of individual identity at multiple steps. SANS is the sole source for GIAC certification exams and exam vouchers. GIAC does not permit the resale or transfer of any certification registration or GIAC exam voucher. Each certification attempt purchased is non-transferable and any certification application / registration instance is intrinsically tied to one and only one individual account.