-
- Current Site
Security Certification- Choose a different site Help
Security Training
Internet Storm Center
College Cybersecurity Programs
Security Awareness Training
Blue Team Operations
Forensics & Incident Response
Offensive Operations
Industrial Control Systems
Cloud Security
Cybersecurity Leadership
Government Private Training
Cybersecurity Certifications
Digital Forensics and Incident Response Certifications
It takes intuition and specialized skills to find hidden evidence and hunt for elusive threats. GIAC's Digital Forensics and Incident Response certifications encompass abilities that DFIR professionals need to succeed at their craft, confirming that professionals can detect compromised systems, identify how and when a breach occurred, understand what attackers took or changed, and successfully contain and remediate incidents. Keep your knowledge of detecting and fighting threats up to date - and your work role secure - with DFIR certifications.
GIAC with CyberLive
Real world, virtual machine testing for specialized certifications
CyberTalent Assessments
Measure your skills and competency levels to decide what's next
Operating System & Device In-Depth
Prove your ability to detect, respond to, and recover from an attack.
Incident Response & Threat Hunting
Prove your mastery of essential skills needed to defend the enterprise.
"Intrusion detection, incident response and digital forensics are my everyday working areas. My GIAC certs provided a practical framework that is comprehensive and effective. Clients trust my work when they know I'm certified and after when the see the result."
- Juan Manzano, GSE
Operating System & Device In-Depth Certifications
GIAC Battlefield Forensics & Acquisition (GBFA)
The GBFA certification demonstrates that an individual is trained and qualified in the proper collection, acquisition, and rapid triage analysis of many forms of data storage.
- Efficient data acquisition from a wide range of devices
- Rapidly producing actionable intelligence Manually identifying and acquiring data
Affiliated Training: FOR498: Battlefield Forensics & Data Acquisition
GIAC Certified Forensic Examiner (GCFE)
The GCFE certification validates a practitioner's knowledge of computer forensic analysis, with an emphasis on core skills required to collect and analyze data from Windows computer systems.
- Windows Forensics and Data Triage
- Windows Registry Forensics, USB Devices, Shell Items, Email Forensics and Log Analysis
- Advanced Web Browser Forensics (Chrome, Edge, Firefox, Internet Explorer)
Affiliated Training: FOR500: Windows Forensic Analysis
GIAC Advanced Smartphone Forensic (GASF)
The GASF certification confirms practitioners can perform forensic examinations on a range of mobile devices and collect data from a variety of files and applications.
- Fundamentals of mobile forensics and conducting forensic exams
- Device file system analysis and mobile application behavior
- Event artifact analysis and the identification and analysis of mobile device malware
Affiliated Training: FOR585: Smartphone Forensic Analysis In-Depth
Incident Response & Threat Hunting Certifications
CyberLive
GIAC Certified Forensic Analyst (GCFA) with CyberLive
The GCFA certification proves that candidates have the knowledge, skills, and ability to conduct formal incident investigations and handle advanced incident handling scenarios.
- Advanced Incident Response and Digital Forensics
- Memory Forensics, Timeline Analysis, and Anti-Forensics Detection
- Threat Hunting and APT Intrusion Incident Response
Affiliated Training: FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
GIAC Network Forensic Analyst (GNFA)
The GNFA certification validates a practitioner's ability to perform examinations employing network forensic artifact analysis.
- Network architecture, network protocols, and network protocol reverse engineering
- Encryption & encoding, NetFlow analysis & attack visualization, security event & incident logging
- Network analysis tools & usage, wireless network analysis, & open source network security proxies
Affiliated Training: FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response
GIAC Cyber Threat Intelligence (GCTI)
The GCTI certification proves practitioners have mastered strategic, operational, and tactical cyber threat intelligence fundamentals and application.
- Open source intelligence and campaigns, intelligence applications and intrusion analysis
- Analysis of intelligence, attribution, collecting and storing data sets
- Kill chain, diamond model, and courses of action matrix
- Malware as a collection source, pivoting, and sharing intelligence
Affiliated Training: FOR578: Cyber Threat Intelligence
GIAC Reverse Engineering Malware (GREM)
The GREM certification proves that professionals possess the knowledge and skills to reverse-engineer malicious software (malware) that targets common platforms, such as Microsoft Windows and web browsers.
- Analysis of Malicious Document Files, Analyzing Protected Executables, and Analyzing Web-Based Malware
- In-Depth Analysis of Malicious Browser Scripts and In-Depth Analysis of Malicious Executables
- Malware Analysis Using Memory Forensics and Malware Code and Behavioral Analysis Fundamentals
- Windows Assembly Code Concepts for Reverse-Engineering and Common Windows Malware Characteristics in Assembly
Affiliated Training: FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
CyberLive
GIAC Certified Incident Handler (GCIH) with CyberLive
The GCIH with CyberLive certification focuses on methods used to detect, respond, and resolve computer security incidents.
- Incident Handling and Computer Crime Investigation
- Computer and Network Hacker Exploits
- Hacker Tools (Nmap, Nessus, Metasploit and Netcat)
Affiliated Training: SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
GIAC Response and Industrial Defense (GRID)
The GRID certification is for professionals who want to prove that they can perform active defense strategies specific to and appropriate for an Industrial Control System (ICS) network and systems.
- Active Defense Concepts and Application, Detection and Analysis in an ICS environment
- ICS-focused discovery and monitoring, digital forensics, and incident response
- Malware Analysis Techniques, Threat Analysis in an ICS environment, and Threat Intelligence Fundamentals
Affiliated Training: ICS515: ICS Active Defense and Incident Response
