Introducing GIAC’s New Certification Journey

With the ever-changing cybersecurity landscape, GIAC continues to evolve and expand its certification offerings.

December 5, 2024

This blog was originally published on April 24, 2023 and updated on December 5, 2024.

GIAC's new certification programs offer a high degree of flexibility so you can create your own path to success. These new GIAC offerings provide you with multiple avenues to demonstrate your knowledge and expertise and obtain some of the most highly valued credentials in the industry. 

New Certification Categories 

GIAC offers two categories of stackable certifications to meet the needs of different professionals: Practitioner Certifications and Applied Knowledge Certifications.

Practitioner Certifications 

To help you begin your new certification journey, GIAC has taken their 40+ preexisting certifications that you know and love and added them to a new Practitioner Certifications category. The certifications from this category will lay the foundation for your cybersecurity career. 

Practitioner Certifications are ideal if you are starting your certification journey or looking to continue on your path to become certified as a GIAC Security Professional or GIAC Security Expert. These certifications span the breadth of information security, providing specialized, job-focused tasks across industry focus areas, including offensive operations, cyber defense, cloud security, management, Digital Forensics and Incident Response (DFIR), and Industrial Control Systems. Every Practitioner certification has a specific affiliate training course to help you learn the skills included in the exam objectives. 

Applied Knowledge Certifications 

GIAC’s NEW Applied Knowledge Certifications truly test your mettle. That is to say, these tests are hard! Only the most studied and prepared individuals should pursue an Applied Knowledge certification. They are designed to provide you with the most comprehensive and rigorous assessment of your knowledge and skills. Imagine the hardest GIAC certification exam you’ve ever taken: Applied Knowledge Certifications are even more difficult. And for good reason. These new certification exams test your skills at the highest level, requiring you to apply your technical expertise and hands-on experience to solve complex security scenarios.  

The Applied Knowledge Certifications are ideal if you wish to challenge yourself, truly demonstrate your mastery in your field, and set yourself apart from your peers. 

Unlike the Practitioner Certifications, the Applied Knowledge Certifications are not linked to any training courses. While studying materials from related affiliate courses is recommended, you should focus on the exam objectives provided to guide your study. A set of demo questions are available to understand the intensity of the exam.

GIAC now offers six Applied Knowledge Certifications, with three new certifications recently added to the lineup, the GX-FA, GX-FE, and GX-PT. Additional certifications are planned to roll out regularly, ensuring professionals have access to the latest hands-on validation of cybersecurity skills.

GIAC Experienced Forensic Analyst Certification

(GX-FA)

The GIAC Experienced Forensic Analyst (GX-FA) candidate will perform work on a Windows 10 SIFT workstation which includes a WSL Ubuntu shell containing the SANS SIFT Linux distribution. The host has a variety of GUI based and command line utilities for use during the exam including but not limited to tools for Windows forensics artifact processing and analysis, image mounting and volatile memory analysis.

Learn More

GIAC Experienced Forensics Expert

(GX-FE)

The GIAC Experienced Forensic Examiner (GX-FE) demonstrates that a candidate is qualified for a hands-on Windows forensic analyst role. Certification holders will have validated their ability to analyze a Windows host to uncover evidence that proves a user performed a particular activity on the device.

Learn More

GIAC Experienced Penetration Tester Certification

(GX-PT)

The GIAC Experienced Penetration Tester (GX-PT) Certification demonstrates that a candidate is qualified for hands-on red and purple-team penetration testing roles that require advanced skills, thorough comprehension of pentesting methods and approaches, and the ability to think critically in a time-restricted situation. Certification holders will validate their ability to map networks, identify vulnerabilities, and exploit hosts in various environments through a diverse set of tasks.

Learn More

GIAC Experienced Cybersecurity Specialist Certification

(GX-CS)

The GIAC Experienced Cybersecurity Specialist Certification (GX-CS) further demonstrates that a candidate is qualified for hands-on IT systems roles. Certification holders will validate their ability to solve complex multifaceted problems through new and diversified security practices and tasks.

Learn more

GIAC Experienced Intrusion Analyst Certification

(GX-IA)

The GIAC Experienced Intrusion Analyst Certification (GX-IA) further demonstrates that a candidate is qualified to solve complex and unique challenges that Intrusion Analysts encounter. Certification holders will validate their ability to solve multi-step problems through incorporating various concepts and methodologies to identify malicious activity.

Learn more

GIAC Experienced Incident Handler Certification

(GX-IH)

The GIAC Experienced Incident Handler Certification (GX-IH) further demonstrates a candidate’s superior incident response skills. Mastery of hands-on attacker techniques combined with incident response tools and practices validate that certification holders have the skills and knowledge to take teams to the next level.

Learn more

Portfolio Certifications 

Lastly, GIAC has created its NEW Portfolio Certifications. Think of your GIAC certification portfolio as a passport for your certification journey. As you gain more certifications, you add them to your certification portfolio, like a map of your certification journey.  

So then, how does it work? 

GIAC offers two categories of stackable certifications to meet the needs of different professionals: Practitioner Certifications and Applied Knowledge Certifications. Candidates can choose from a wide range of certifications to create a unique portfolio of credentials that demonstrate their expertise in a specific field or across multiple focus areas. Those who build portfolios to become GIAC Security Professionals (GSPs) may choose to advance to the highest level of GIAC certification, the GIAC Security Expert (GSE). 

Portfolio Benefits 

You can choose from a wide range of certifications to create a unique portfolio of credentials that demonstrate your expertise in a specific field or across multiple focus areas. 

GIAC Certification Portfolios

The great thing about GIAC’s new Portfolio certifications is that it provides flexibility to combine and “stack” any number of certifications. This stackability allows you to continuously build upon one or more skills or focus areas, making you a more valuable asset to your employer. The GIAC Portfolio certifications allow you to pursue a new level of mastery with the GSP and the ultimate level of mastery with the updated GSE. 

NEW! GIAC Security Professional (GSP) 

GIAC’s Security Professional (GSP) Portfolio Certification is achieved by successfully completing any three Practitioner Certifications and any two Applied Knowledge CertificationsSelect your certifications to focus where you are interested. Your portfolio can be built over any period of time as long as your certifications remain active. Upon becoming a GSP, you will be presented with a GIAC Security Professional Coin.

Building your certification portfolio to become a GSP proves your depth and breadth of knowledge. The GSP is a new milestone on your journey to becoming a GSE.

UPDATED! GIAC Security Expert 

GIAC’s Security Expert (GSE) Portfolio Certification is the most prestigious credential in the IT security industry. Those who achieve the GSE certification have proven their elite status as top information security practitioners in the field.

The GSE is achieved by successfully completing any six Practitioner Certifications and any four Applied Knowledge Certifications. Like the GSP, you can take as long as you want to complete your GSE as long as your certifications remain active. Upon becoming a GSE, you will be presented with a GIAC Security Expert Coin. 

 “The GSE certification offered a specific challenge--a goalpost that I could pursue intentionally. It motivated me to learn skills outside my comfort areas and offered a framework within which I could grow as a security professional. As with other meaningful pursuits, GSE was more about the journey than the destination for me. As I attained and applied knowledge, I met people along the way who became my colleagues and collaborators. And I gained confidence in my learning abilities, which allowed me to continue to excel even after earning GSE.” -Lenny Zeltser | GSE #2, SANS Institute Fellow Instructor

How Has the GSE Evolved? 

The GSE continues to evolve its certifications to ensure that the best of the best is recognized in the cybersecurity industry. The preselected, limited prerequisites have been broadened, allowing the complete catalog of GIAC Practitioner exams to qualify towards earning your GSE. 

The other significant evolution is the ability to prove your hands-on skills in more areas through the Applied Knowledge Certifications in place of the in-person multi-day lab. 

 

Updated GSE Benefits 

Benefits of the updated GIAC GSE certification include: 

  • Flexibility. Everyone’s path is different. By customizing your certification journey, you can prove your expertise in the areas that fit your career. 
  • Accessibility. You can now access the GSE exam from anywhere in the world, without having to travel. 
  • Prestige. Those who earn the GSE are known as possessing the highest level of excellence in their industries.
 “I don't get certs to impress anyone else. I do it for me. I'll get out of my defender comfort zone and conquer that fear of ’What if I'm not good enough?’" -Danny Akacki | GPEN

How do I maintain my GSP or GSE?

To maintain GSP or GSE status, you'll need to maintain the minimum number of certifications for your certifciation portfolio —

GSP: 3 GIAC Practitioner Certifications and 2 GIAC Applied Knowledge Certifications

GSE: 6 GIAC Practitioner Certifications and any 4 GIAC Applied Knowledge Certifications.

Find more information on GIAC Certification Renewal here.

Why Certify with GIAC? 

Research continually shows credentialed employees are more empowered and contribute greater value to their organization. 
  • 92% of certified candidates gain a sense of personal validation which they say gives them more confidence in their abilities. 
  • 81% feel more confident in exploring new opportunities within their company or abroad. 
  • And probably most important, 82% of companies prefer hiring candidates who possess certifications. 

Certifications are a critical part of cybersecurity training. Research shows that testing increases learning and retention levels.  

The testing effect

So, where are you on your GIAC cybersecurity certification journey? 

Whether you are interested in leveling up your cybersecurity skills, proving your mastery of cybersecurity principles, or just starting your cybersecurity journey, GIAC’s Practitioner, Applied Knowledge, and Portfolio Certifications provide you with ability to verify your skills and further your career. 

To learn more about GIAC’s New Cybersecurity Certification Journey, please visit https://giac.org/get-started/.