Get Certified: Roadmap
GIAC offers over 30 cyber security certifications in security administration, management, legal, audit, forensics and software security. A Certification Roadmap has been created to help you determine what certifications are right for specific job needs or career goals. Each GIAC certification is designed to stand on its own, and represents a certified individual's mastery of a particular set of knowledge and skills. There is no particular "order" in which GIAC certifications must be earned; though we recommend that candidates master lower level concepts before moving on to more advanced topics.
GIAC certifications align with individual job based disciplines and typically correspond to topics presented in SANS full 5-6 day courses. GIAC certification attempts have a 4 month time frame.
ICS | ||||
---|---|---|---|---|
Level | GIAC Certification | Affiliate Training | ||
![]() |
Intermediate | GICSP: Global Industrial Cyber Security Professional | ICS410: ICS/SCADA Security Essentials | |
![]() |
Advanced | GRID: GIAC Response and Industrial Defense | ICS515: ICS Active Defense and Incident Response | |
![]() |
Advanced | GCIP: GIAC Critical Infrastructure Protection | ICS456: Essentials for NERC Critical Infrastructure Protection |
Digital Forensics & Incident Response | ||||
---|---|---|---|---|
Level | GIAC Certification | Affiliate Training | ||
![]() |
Intermediate | GCFE: GIAC Certified Forensics Examiner | FOR500: Windows Forensic Analysis | |
![]() |
Intermediate | GBFA: GIAC Battlefield Forensics and Acquisition | FOR498: Battlefield Forensics & Data Acquisition | |
![]() |
Advanced | GCFA: GIAC Certified Forensic Analyst | FOR508: Advanced Digital Forensics, Incident Response, and Threat Hunting | |
![]() |
Advanced | GNFA: GIAC Network Forensic Analyst | FOR572: Advanced Network Forensics and Analysis | |
![]() |
Advanced | GCTI: GIAC Cyber Threat Intelligence | FOR578: Cyber Threat Intelligence | |
![]() |
Advanced | GASF: GIAC Advanced Smartphone Forensics | FOR585: Advanced Smartphone Forensics | |
![]() |
Advanced | GREM: GIAC Reverse Engineering Malware | FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques |
Cloud Security | ||||
---|---|---|---|---|
Level | GIAC Certification | Affiliate Training | ||
![]() |
Advanced | GWEB: GIAC Certified Web Application Defender | SEC522: Defending Web Applications Security Essentials | |
![]() |
Advanced | GCSA: GIAC Cloud Security Automation | SEC540: Cloud Security and DevOps Automation | |
![]() |
Advanced | GCLD: GIAC Cloud Security Essentials | SEC488: Cloud Security Essentials |
GIAC Security Expert | ||||
---|---|---|---|---|
Level | GIAC Certification | |||
![]() |
Expert | GSE: GIAC Security Expert |
*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*