The GOSI certification confirms that practitioners have a strong foundation in OSINT methodologies and frameworks and are well-versed in data collection, reporting, and analyzing targets.

• Open Source Intelligence Methodologies and Frameworks
• OSINT Data Collection, Analysis, and Reporting
• Harvesting Data from the Dark Web

Affiliated Training: SEC487: Open-Source Intelligence (OSINT) Gathering & Analysis

The GCIA with CyberLive certification validates a practitioner's knowledge of network and host monitoring, traffic analysis, and intrusion detection.

• Fundamentals of Traffic Analysis and Application Protocols
• Open-Source IDS: Snort and Bro
• Network Traffic Forensics and Monitoring

Affiliated Training: SEC503: Intrusion Detection In-Depth

The GCWN certification validates a practitioner's ability to secure Microsoft Windows clients and servers and to configure and manage the security of Microsoft operating systems and applications.

• Defensible networking and endpoint protection
• Operating system and application hardening, PKI management
• Restricting administrative compromise and securing PowerShell

Affiliated Training: SEC505: Securing Windows and PowerShell Automation

The GMON certification confirms a practitioner's ability to deter intrusions, perform continuous security monitoring, and quickly detect anomalous activity.

• Security architecture and security operations centers (SOCs)
• Network security architecture and monitoring
• Endpoint security architecture, automation, and continuous monitoring

Affiliated Training: SEC511: Continuous Monitoring and Security Operations

The GDSA certification proves that practitioners can design and implement an effective combination of network-centric and data-centric controls to balance prevention, detection, and response.

• Defensible Security Architecture: network-centric and data-centric approaches
• Network Security Architecture: hardening applications across the TCP/IP stack
• Zero Trust Architecture: secure environment creation with private, hybrid or public clouds

Affiliated Training: SEC530: Defensible Security Architecture and Engineering

The GCDA certification proves an individual knows how to collect, analyze, and tactically use modern network and endpoint data sources to detect malicious or unauthorized activity.

• SIEM Architecture and SOF-ELK
• Service Profiling, Advanced Endpoint Analytics, Baselining and User Behavior Monitoring
• Tactical SIEM Detection and Post-Mortem Analysis

Affiliated Training: SEC555: SIEM with Tactical Analytics

GCUX certification holders have the knowledge, skills and abilities to secure and audit UNIX and Linux systems, and are able to use multiple tools to handle security issues.

• Hardening Linux/Unix systems
• Linux application security
• Digital forensics for Linux/Unix

The GISF certification validates a practitioner's knowledge of security's foundation, computer functions and networking, introductory level cryptography, and cybersecurity technologies.

• Cyber security terminology and the basics of computer networks
• Security policies and incident response
• Passwords and introduction to cryptographic principles

Affiliated Training: SEC301: Introduction to Cybersecurity

The GSEC certification validates a practitioner's knowledge of information security beyond simple terminology and concepts.

• Active defense, defense in depth, access control & password management
• Defensible network architecture, networking & protocols, and network security
• Incident handling & response, vulnerability scanning and penetration testing
• Linux security, cryptography, and windows security
• Security policy, contingency plans, critical controls and IT risk management
• Web communication security, virtualization and cloud security, and endpoint security

Affiliated Training: SEC401: Security Essentials Bootcamp Style

The GCED certification assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole.

• Defensive network infrastructure
• Packet analysis and penetration testing
• Incident handling and malware removal

Affiliated Training: SEC501: Advanced Security Essentials - Enterprise Defender

The GCIH with CyberLive certification focuses on methods used to detect, respond, and resolve computer security incidents.

• Incident Handling and Computer Crime Investigation
• Computer and Network Hacker Exploits
• Hacker Tools (Nmap, Nessus, Metasploit and Netcat)

Affiliated Training: SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling

The GISP certification validates a practitioner's knowledge of the 8 domains of cybersecurity knowledge as determined by (ISC)2 that form a critical part of CISSP® exam.

• Asset Security, Communications and Network Security, and Identity and Access Management
• Security and Risk Management, Security Assessment and Testing
• Security Engineering, Security Operation, and Software Development Security

Affiliated Training: MGT414: SANS Training Program for CISSP® Certification

The GDAT certification is unique in how it covers both offensive and defensive security topics in-depth.

• Advanced persistent threat models and methods
• Detecting and preventing payload deliveries, exploitation, and post-exploitation activities
• Using cyber deception to gain intelligence for threat hunting and incident response

Affiliated Training: SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses