GIAC Certifications: Incident Response And Forensics

GIAC Certifications:

Top Cyber Security Certifications for Incident Response, Forensics, and Threat Hunting

Becoming a GIAC Incident Response and Forensic Certified professional ensures that you have the knowledge and performance efficiency to hunt for cyber security threats and respond to incidents properly.

"I think the exam was both fair and practical. These are the kind of real world problems I expect to see in the field." - Carl Hallberg, GREM

Over 80% of all breach victims learn of a compromise from third-party notifications, not from internal security teams. In most cases, adversaries have been operating inside the victim's' network undetected for months or even years. A properly trained and GIAC Certified incident responder could be the only defense an organization has during a compromise. As a forensics investigator, you need to know what you're up against, and you need to have the most up-to-date knowledge of how to detect and fight it.

Incident Response and Forensics
  Certification Register
GCFA: GIAC Certified Forensic Analyst

Certified Forensic Analyst

For individuals working in InfoSec, digital forensics and incident response fields. The certification focuses on core skills required to collect and analyze data from Windows computer systems. GCFA holders have demonstrated the knowledge, skills, and ability to conduct formal incident investigations and handle advanced incident handling scenarios, including internal and external data breach intrusions, advanced persistent threats, anti-forensic techniques used by attackers, and complex incident response cases.

Affiliated Training:

FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics

GCFE: GIAC Certified Forensic Examiner

Certified Forensic Examiner

For professionals in InfoSec, intelligence, legal and law enforcement industries seeking to understand digital forensic analysis and media exploitation. The certification focuses on core skills required to collect and analyze data from Windows computer systems. GCFE holders have demonstrated the knowledge, skills, and ability to conduct deep-dive incident investigations including forensic analysis and reporting, evidence acquisition, browser forensics and tracing user and application activities on Windows systems.

Affiliated Training:

FOR500: Windows Forensic Analysis

GREM: GIAC Reverse Engineering Malware

Reverse Engineering Malware

For forensic investigators, incident responders, security engineers, and IT administrators responsible for protecting the organization from malicious code. GREM holders have demonstrated the knowledge and skills to analyze and reverse-engineer malicious software that targets common platforms, as well as how to examine inner-workings of malware in the context of forensic investigations, incident response, and Windows system administration.

Affiliated Training:

FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques

GNFA: GIAC Network Forensic Analyst

Network Forensic Analyst

For individuals seeking to demonstrate that they qualify to perform examinations employing network forensic artifact analysis. GNFA holders have demonstrated an understanding of the fundamentals of network forensics, normal and abnormal conditions for common network protocols, the process and tools used to examine device and system logs, wireless communication and encrypted protocols.

Affiliated Training:

FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response

GCTI: GIAC Cyber Threat Intelligence

Cyber Threat Intelligence

  • Strategic, Operational, and Tactical Cyber Threat Intelligence
  • Open Source Intelligence and Campaigns
  • Intelligence Applications and Kill Chain
  • Affiliated Training:

    FOR578: Cyber Threat Intelligence

GASF: GIAC Advanced Smartphone Forensics

Advanced Smartphone Forensics

For individuals seeking to demonstrate they are qualified to perform forensic examinations on smartphones and tablets. GASF holders have demonstrated an understanding of the fundamentals of mobile forensics, device file system analysis, smartphone application behavior, event artifact analysis and the identification and analysis of smart device malware.

Affiliated Training:

FOR585: Smartphone Forensic Analysis In-Depth

GBFA: GIAC Battlefield Forensics and Acquisition

Battlefield Forensics and Acquisition

Affiliated Training:

FOR498: Battlefield Forensics & Data Acquisition


Please Note: No training is required for a GIAC Certification