Cybersecurity Certifications

Cybersecurity Certifications

Cloud Security Certifications

Securing the cloud is now essential across our global infrastructure. GIAC's cloud security certifications are designed to help you master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. From web application security and DevOps automation to cloud-specific penetration testing - across public cloud, multi-cloud, and hybrid-cloud scenarios - we've got the credentials both professionals and organizations need to ensure cloud security at any enterprise.

GIAC with CyberLive

Real world, virtual machine testing for specialized certifications

CyberTalent Assessments

Measure your skills and competency levels to decide what's next

Cloud Security Techniques

Prove your ability to defend systems and applications in the cloud.

Learn More

Cloud Penetration Testing

Prove your mastery of cloud penetration testing and ethical hacking skills.

Learn More

"An understanding of vulnerability management and cloud security is becoming not only valuable, but a necessity to keep one's organization secure in this constantly changing and dynamic environment." - Kae David, GSEC


Cloud Security Techniques Certifications

GIAC Certified Web Application Defender (GWEB)

GWEB certification holders have the knowledge, skills, and abilities to secure web applications and recognize and mitigate security weaknesses in existing web applications.

  • Using current tools to detect and prevent input validation flaws
  • Cross-site scripting (XSS) and SQL injection
  • Authentication, access control, and session management weaknesses and defense

Affiliated Training: SEC522: Defending Web Applications Security Essentials



GIAC Cloud Security Automation (GCSA)

The GCSA certification covers cloud services and modern DevSecOps practices that are used to build and deploy systems and applications more securely.

  • Using cloud services with Secure DevOps principles, practices, and tools to build & deliver secure infrastructure and software
  • Automating Configuration Management, Continuous Integration, Delivery, and Monitoring
  • Use of open-source tools, the Amazon Web Services toolchain, and Azure services

Affiliated Training: SEC540: Cloud Security and DevOps Automation



Cloud Penetration Testing Certifications

GIAC Cloud Penetration Tester (GCPN)

The GCPN certification validates a practitioner's ability to conduct cloud-focused penetration testing and assess the security of systems, networks, architecture, and cloud technologies.

  • Cloud Penetration Testing Fundamentals, Environment Mapping, and Service Discovery
  • AWS and Azure Cloud Services and Attacks
  • Cloud Native Applications with Containers and CI/CD Pipelines

Affiliated Training: SEC588: Cloud Penetration Testing