Cyber Security Certification: GOSI
GIAC Open Source Intelligence (GOSI)
"As the first and only non-vendor specific, industry-wide OSINT certification, the GIAC Open Source Intelligence (GOSI) certification represents a huge milestone in the worlds of open source intelligence and cyber reconnaissance. It creates a marker from which students can be recognized for their achievements and competence in the OSINT field of study. Whether they are performing social media analysis of a target or just "fancy googling," the GOSI certification shows they have a strong foundation in OSINT." -Micah Hoffman, SEC487 Course Author
Areas Covered
- Open Source Intelligence Methodologies and Frameworks
- OSINT Data Collection, Analysis, and Reporting
- Harvesting Data from the Dark Web
Who is GOSI for?
- Cyber Incident Responders
- Digital Forensics (DFIR) analysts
- Penetration Testers
- Social Engineers
- Law Enforcement
- Intelligence Personnel
- Recruiters
- Private Investigators
- Insurance Investigators
- Human Resources Personnel
- Researchers
Requirements
- 1 proctored exam
- 75 questions
- Time limit of 2 hours
- Minimum Passing Score of 76%
Delivery
NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.
GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.
Exam Certification Objectives & Outcome Statements
The topic areas for each exam part follow:
- Dark Web
- The candidate will be able to utilize the dark web to perform data collection.
- General Data Collection
- The candidate will be able to collect, analyze, and report on personal data including usernames, contact information, images, maps, and other publicly available data.
- Government and Enterprises
- The candidate will be able to use government provided data and other data sources to research businesses and government activity, including breach data.
- Network Data
- The candidate will be able to discover and inspect information about domains, IP addresses, and networks.
- OSINT Foundations
- The candidate will recognize the goals of OSINT and the data collection life cycle, including be able to implement an OSINT process through the use of a secure data collection & documentation platform.
- OSINT Frameworks and Tools
- The candidate will be able to use frameworks, recon suites, and search engines to aid in the harvesting and analysis of data.
- Social Media
- The candidate will be able to collect, analyze, and report on social media data, including an understanding of the use of sock puppets.
*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*
Other Resources
- Training is available in a variety of modalities including live conference training, online, and self study.
- Practical work experience can help ensure that you have mastered the skills necessary for certification.
- College level courses or study through another program may meet the needs for mastery.
- The procedure to contest exam results can be found at https://www.giac.org/about/procedures/grievance.
