Digital Forensics and Incident Response Certifications

It takes intuition and specialized skills to find hidden evidence and hunt for elusive threats. GIAC's Digital Forensics and Incident Response certifications encompass abilities that DFIR professionals need to succeed at their craft, confirming that professionals can detect compromised systems, identify how and when a breach occurred, understand what attackers took or changed, and successfully contain and remediate incidents. Keep your knowledge of detecting and fighting threats up to date - and your work role secure - with DFIR certifications.

Operating System & Device In-Depth Certifications

Prove your ability to detect, respond to, and recover from an attack.

GIAC iOS and macOS Examiner (GIME)

GIAC Battlefield Forensics and Acquisition (GBFA)

CyberLive

GIAC Certified Forensic Examiner (GCFE)

GIAC Advanced Smartphone Forensics Certification (GASF)

New

CyberLive

GIAC Experienced Forensics Examiner (GX-FE)

Incident Response & Threat Hunting Certifications

Prove your mastery of essential skills needed to defend the enterprise.

New

CyberLive

GIAC Enterprise Incident Response (GEIR)

New

CyberLive

GIAC Cloud Forensics Responder (GCFR)

CyberLive

GIAC Certified Forensic Analyst (GCFA)

CyberLive

GIAC Network Forensic Analyst (GNFA)

CyberLive

GIAC Cyber Threat Intelligence (GCTI)

CyberLive

GIAC Reverse Engineering Malware Certification (GREM)

CyberLive

GIAC Certified Incident Handler Certification (GCIH)

GIAC Response and Industrial Defense (GRID)

New

CyberLive

GIAC Experienced Forensics Analyst (GX-FA)

New

CyberLive

GIAC Linux Incident Responder (GLIR)

Digital Forensics Incident Response Certification Guide Cover

What's Inside?

Explore the benefits of digital forensics certifications and incident response certifications
Get an inside look at what you’ll learn and the skills you can master with each certification
Discover what kind of job roles you can apply for with each digital forensics certification and incident response certification

Download Now for Free

I've already registered for SANS training, how do I add the GIAC exam?
Students can add a GIAC Certification exam attempt to their SANS course purchase either during the registration process, or through their SANS Account dashboard up until thirty days after the completion of their in-person, Simulcast, or Live Online course. For OnDemand orders, students have until ninety days after the registration date to add the GIAC Certification exam attempt bundle.
The deadline to complete the GIAC Certification exam attempt is four months from the completion of the in-person, Simulcast, or Live Online course. For OnDemand orders, the deadline to complete the GIAC Certification exam attempt is the same as the online training deadline.
To add a GIAC Certification exam attempt bundle after registering:
1. Log in to your SANS Account and click the "My Orders" link in your dashboard
2. Select "Add Available Bundled Items to Your Order" and submit your payment information to complete your purchase
I also signed up for SANS training - when will I receive access to my GIAC exam?

For OnDemand orders, you will receive access to the training and exam when you manually start the course from your account, or automatically within 14 days of payment. For in-person or LiveOnline training, you will receive access to the exam 7-10 days after the conclusion of your training event.
How do I register for a GIAC exam with SANS training?

The option to add the GIAC exam is available when you register for the associated SANS training course. Check out the list of SANS courses to get started.

More FAQ's