Cybersecurity Certifications

Cybersecurity Certifications

Cloud Security Certifications

Securing the cloud is now essential across our global infrastructure. GIAC's cloud security certifications are designed to help you master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. From web application security and DevOps automation to cloud-specific penetration testing - across public cloud, multi-cloud, and hybrid-cloud scenarios - we've got the credentials both professionals and organizations need to ensure cloud security at any enterprise.

GIAC with CyberLive

Real world, virtual machine testing for specialized certifications

CyberTalent Assessments

Measure your skills and competency levels to decide what's next

Cloud Security Techniques

Prove your ability to defend systems and applications in the cloud.

Learn More

Cloud Penetration Testing

Prove your mastery of cloud penetration testing and ethical hacking skills.

Learn More

"An understanding of vulnerability management and cloud security is becoming not only valuable, but a necessity to keep one's organization secure in this constantly changing and dynamic environment." - Kae David, GSEC

Cloud Security Techniques Certifications

GIAC Cloud Security Essentials (GCLD)

The GCLD certification validates a practitioner's ability to implement preventive, detective, and reactionary techniques to defend valuable cloud-based workloads.

  • Evaluation of cloud service provider similarities, differences, challenges, and opportunities
  • Planning, deploying, hardening, and securing single and multi-cloud environments
  • Basic cloud resource auditing, security assessment, and incident response

Affiliated Training: SEC488: Cloud Security Essentials

GIAC Certified Web Application Defender (GWEB)

GWEB certification holders have the knowledge, skills, and abilities to secure web applications and recognize and mitigate security weaknesses in existing web applications.

  • Using current tools to detect and prevent input validation flaws
  • Cross-site scripting (XSS) and SQL injection
  • Authentication, access control, and session management weaknesses and defense

Affiliated Training: SEC522: Defending Web Applications Security Essentials

GIAC Cloud Security Automation (GCSA)

The GCSA certification covers cloud services and modern DevSecOps practices that are used to build and deploy systems and applications more securely.

  • Using cloud services with Secure DevOps principles, practices, and tools to build & deliver secure infrastructure and software
  • Automating Configuration Management, Continuous Integration, Delivery, and Monitoring
  • Use of open-source tools, the Amazon Web Services toolchain, and Azure services

Affiliated Training: SEC540: Cloud Security and DevOps Automation

GIAC Public Cloud Security (GPCS)

The GPCS certification validates a practitioner's knowledge of public cloud service providers, securing public cloud environments, and multi-cloud compliance.

  • Evaluation and comparison of public cloud service providers
  • Auditing, hardening, and securing public cloud environments
  • Introduction to multi-cloud compliance and integration

Affiliated Training: SEC510: Public Cloud Security: AWS, Azure, and GCP

Cloud Penetration Testing Certifications

GIAC Cloud Penetration Tester (GCPN)

The GCPN certification validates a practitioner's ability to conduct cloud-focused penetration testing and assess the security of systems, networks, architecture, and cloud technologies.

  • Cloud Penetration Testing Fundamentals, Environment Mapping, and Service Discovery
  • AWS and Azure Cloud Services and Attacks
  • Cloud Native Applications with Containers and CI/CD Pipelines

Affiliated Training: SEC588: Cloud Penetration Testing