Get Certified: Roadmap

GIAC offers over 30 cyber security certifications in security administration, management, legal, audit, forensics and software security. A Certification Roadmap has been created to help you determine what certifications are right for specific job needs or career goals. Each GIAC certification is designed to stand on its own, and represents a certified individual's mastery of a particular set of knowledge and skills. There is no particular "order" in which GIAC certifications must be earned; though we recommend that candidates master lower level concepts before moving on to more advanced topics.

GIAC certifications align with individual job based disciplines and typically correspond to topics presented in SANS full 5-6 day courses. GIAC certification attempts have a 4 month time frame.

Foundations
	Level	GIAC Certification	Affiliate Training
	Introductory	GIAC Foundational Cybersecurity Technologies (GFACT)	SEC275: Foundations - Computers, Technology, & Security


Level	GIAC Certification	Affiliate Training
Introductory	GISF: GIAC Information Security Fundamentals	SEC301: Intro to Information Security
Intermediate	GSEC: GIAC Security Essentials	SEC401: Security Essentials Bootcamp Style
Advanced	GSOC: GIAC Security Operations Certified	SEC450: Blue Team Fundamentals: Security Operations and Analysis
Advanced	GOSI: GIAC Open Source Intelligence	SEC487: Open-Source Intelligence (OSINT) Gathering and Analysis
Advanced	GCED: GIAC Certified Enterprise Defender	SEC501: Advanced Security Essentials - Enterprise Defender
Advanced	GCIA: GIAC Certified Intrusion Analyst	SEC503: Intrusion Detection In-Depth
Advanced	GCWN: GIAC Certified Windows Security Administrator	SEC505: Securing Windows and PowerShell Automation
Advanced	GMON: GIAC Continuous Monitoring Certification	SEC511: Continuous Monitoring and Security Operations
Advanced	GDSA: GIAC Defensible Security Architecture	SEC530: Defensible Security Architecture
Advanced	GCDA: GIAC Certified Detection Analyst	SEC555: SIEM with Tactical Analytics
Advanced	GDAT: GIAC Defending Advanced Threats	SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses


Level	GIAC Certification	Affiliate Training
Intermediate	GICSP: Global Industrial Cyber Security Professional	ICS410: ICS/SCADA Security Essentials
Advanced	GRID: GIAC Response and Industrial Defense	ICS515: ICS Active Defense and Incident Response
Advanced	GCIP: GIAC Critical Infrastructure Protection	ICS456: Essentials for NERC Critical Infrastructure Protection


Level	GIAC Certification	Affiliate Training
Intermediate	GCIH: GIAC Certified Incident Handler	SEC504: Hacker Tools, Techniques, Exploits and Incident Handling
Advanced	GEVA: GIAC Enterprise Vulnerability Assessor	SEC460: Enterprise Threat and Vulnerability Assessment
Advanced	GPEN: GIAC Certified Penetration Tester	SEC560: Network Penetration Testing and Ethical Hacking
Advanced	GWAPT: GIAC Web Application Penetration Tester	SEC542: Web App Penetration Testing and Ethical Hacking
Advanced	GPYC: GIAC Python Coder	SEC573: Automating Information Security with Python
Advanced	GMOB: GIAC Mobile Device Security Analyst	SEC575: Mobile Device Security and Ethical Hacking
Advanced	GCPN: GIAC Cloud Penetration Tester	SEC588: Cloud Penetration Testing
Advanced	GAWN: GIAC Assessing Wireless Networks	SEC617: Wireless Ethical Hacking, Penetration Testing, and Defenses
Advanced	GXPN: GIAC Exploit Researcher and Advanced Penetration Tester	SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking


Level	GIAC Certification	Affiliate Training
Intermediate	GCFE: GIAC Certified Forensics Examiner	FOR500: Windows Forensic Analysis
Intermediate	GBFA: GIAC Battlefield Forensics and Acquisition	FOR498: Battlefield Forensics & Data Acquisition
Advanced	GCFA: GIAC Certified Forensic Analyst	FOR508: Advanced Digital Forensics, Incident Response, and Threat Hunting
Advanced	GNFA: GIAC Network Forensic Analyst	FOR572: Advanced Network Forensics and Analysis
Advanced	GCTI: GIAC Cyber Threat Intelligence	FOR578: Cyber Threat Intelligence
Advanced	GASF: GIAC Advanced Smartphone Forensics	FOR585: Advanced Smartphone Forensics
Advanced	GREM: GIAC Reverse Engineering Malware	FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques


Level	GIAC Certification	Affiliate Training
Advanced	GWEB: GIAC Certified Web Application Defender	SEC522: Defending Web Applications Security Essentials
Advanced	GCSA: GIAC Cloud Security Automation	SEC540: Cloud Security and DevOps Automation
Advanced	GCLD: GIAC Cloud Security Essentials	SEC488: Cloud Security Essentials
Advanced	GPCS: GIAC Public Cloud Security	SEC510: Public Cloud Security: AWS, Azure, and GCP


Level	GIAC Certification	Affiliate Training
Intermediate	GISP: GIAC Information Security Professional	MGT414: SANS Training Program for CISSP® Certification
Advanced	GSLC: GIAC Security Leadership Certification	MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression™
Advanced	GSTRT: GIAC Strategic Planning, Policy, and Leadership	MGT514: Security Strategic Planning, Policy, and Leadership
Advanced	GCPM: GIAC Certified Project Manager Certification	MGT525: IT Project Management and Effective Communication
Advanced	GLEG: GIAC Law of Data Security & Investigations	LEG523: Law of Data Security and Investigations
Advanced	GSNA: GIAC Systems and Network Auditor	AUD507: Auditing & Monitoring Networks, Perimeters & Systems
Advanced	GCCC: GIAC Critical Controls Certification	SEC566: Implementing and Auditing the Critical Security Controls - In-Depth

GIAC Security Expert
	Level	GIAC Certification
	Expert	GSE: GIAC Security Expert

*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives' knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*

Get Certified: Roadmap

Latest Tweets @CertifyGIAC

Contact Us