GIAC New Certification

NEW! GIAC Applied Knowledge Certifications

Striving for mastery and constantly pushing oneself to improve.
GIAC Applied Knowledge Certs

GIAC Applied Knowledge Certifications are designed to provide a more comprehensive and rigorous assessment of knowledge and skills. GIAC Applied Knowledge certifications take testing to the next level. These certifications are:

  • Intended to provide candidates with a more thorough understanding of a wide range of topics and subject matter
  • 100% CyberLive and are designed to push beyond individual technical skills. CyberLive questions require candidates to synthesize their skills and use them to solve real-world challenges in a virtual machine environment.
  • Ideal for candidates who wish to challenge themselves and demonstrate their mastery of a subject
  • Stackable with GIAC Practitioner Certifications, enabling candidates to build their Portfolios to become a GIAC Security Professional (GSP) and/or a GIAC Security Expert (GSE)

Applied Knowledge Certifications

GIAC’s NEW Applied Knowledge Certifications truly test your mettle and set you apart from your peers. Designed to be challenging, these new certification exams requiring you to apply your technical expertise and hands-on experience to solve complex security scenarios. Courses that include a "primary fit course" designation have the most closely aligned content for the exam but is not inclusive of all the content, tools, and platforms that will be included in testing on the Applied Knowledge exam.

Applied Knowledge CertificationDescriptionAffiliate Training
GIAC Experienced Cybersecurity Specialist Certification (GX-CS)The GIAC Experienced Cybersecurity Specialist Certification (GX-CS) demonstrates that a candidate is qualified for hands-on IT systems roles. Certification holders will validate their ability to solve complex multifaceted problems through new and diversified security practices and tasks.

SEC401
(Primary fit course)


SEC503
FOR508
SEC560
SEC542
SEC599
SEC501
SEC505
FOR500
SEC660

GIAC Experienced Intrusion Analyst Certification (GX-IA)The GIAC Experienced Intrusion Analyst Certification (GX-IA) demonstrates that a candidate is qualified to solve complex and unique challenges that Intrusion Analysts encounter. Certification holders will validate their ability to solve multi-step problems through incorporating various concepts and methodologies to identify malicious activity.

SEC503
(Primary fit course)


FOR572
SEC530
SEC450
SEC511
SEC573

GIAC Experienced Incident Handler Certification (GX-IH)The GIAC Experienced Incident Handler Certification (GX-IH) demonstrates a candidate’s superior incident response skills. Mastery of hands-on attacker techniques combined with incident response tools and practices validate that certification holders have the skills and knowledge to take teams to the next level

SEC504
(Primary fit course)


SEC450
SEC501
SEC503
SEC560
SEC505
FOR610
FOR508
FOR500

Study Guide Infographic

How to Prepare for Applied Knowledge Certifications

Unlike our traditional GIAC Practitioner Exams, preparation for GIAC Applied Knowledge exams is not directly linked to a specific affiliate training course. To prepare for a GIAC Applied Knowledge Certifications, GIAC recommends that candidates review the content within the primary fit affiliate course, however, candidates should not rely on this course alone. Along with content and labs included in primary fit course, candidates should review the Areas Covered list found on each Applied Knowledge certification page. Additionally, work experience will also equip candidates for success.

Are You Ready for an Applied Knowledge Exam?

These hypothetical exam takers were created to showcase various backgrounds and preparation methods. Candidates may use these examples to better understand how they are projected to perform on an Applied Knowledge exam.
  • Erik is a renowned cyber expert and multi-time winner of Capture-the-Flag (CTF) competitions demonstrated their expertise by taking an Applied Knowledge exam in their area of proficiency without taking the affiliate partner primary fit course. This individual is a true cybersecurity rockstar. Remarkably, the expert passed the exam on their first attempt, showcasing their exceptional skills and knowledge in the field.

  • Kendra is a recent college graduate with a degree in computer science and exceptional aptitude and talent, enrolled in her first SANS class. On day 6 of the course, she led her team to victory in the Capture-the-Flag (CTF) exercise. During her certification attempt, the student demonstrated outstanding performance and passed with remarkable scores.

  • A cyber practitioner with a decade of technical experience in the industry enrolled in a SANS course and demonstrated exceptional skills in the labs. As a result, Ravi excelled in the practitioner level GIAC exam with outstanding marks. The practitioner was confident that they could adapt the techniques learned in the labs to new and unique environments without further instruction. However, when attempting the Applied Knowledge exam, Ravi fell just short of passing and ultimately failed.

  • Jason is new to cybersecurity and enrolled in their first SANS course, but failed to complete all the labs in class. Consequently, he struggled to apply the techniques learned in class to unfamiliar scenarios in his own environment. Despite this, he managed to pass the certification on his first attempt, with a score in the upper 70s. Encouraged, Jason felt ready for a specialist exam, and attempted it two weeks later using his course index. Unfortunately, he failed. In a second attempt, Jason revisited the course labs but failed again.

  • Olivia has two decades of experience in cybersecurity and took a course in their area of expertise. Olivia’s employer used an expensive commercial suite to perform the tasks covered in the course for the past five years. While Olivia's extensive experience and familiarity with the domain enabled them to pass the primary fit affiliated certification exam, they were unable to pass the specialist exam due to unfamiliarity with the tools available. Her employer's expensive commercial suite was not available for her to use during the exam and Olivia was unaware of any other methods to solve the challenges, which resulted in her failing the exam.

  • Sarah is an experienced and highly skilled cybersecurity professional enrolled in a course in an unfamiliar domain. Due to their proficiency in taking certification exams, they passed the primary best fit certification exam with ease. Overconfident, Sarah assumed that passing the specialist exam would be a breeze since she paid attention to the labs. However, Sarah failed the first specialist exam attempt, underestimating its difficulty. On impulse, she purchased a retake, but with a full-time job and busy family life, she lacked the time to delve deeper into an unfamiliar domain. Despite being exposed to the types of challenges on the exam, Sarah failed her second attempt primarily due to a lack of additional study time.

What Others Are Saying About Applied Knowledge Certifications

The GX–CS exam questions are amazingly well designed. They require the candidate to combine and chain several actions, demonstrating not only usage of tools, but also understanding and real-world applicability.
Bojan Zdrnja
Chief Technical Officer INFIGO IS, SANS Certified Instructor
I'm proud of all my certs, but the satisfaction I felt after passing the GX- CS exam was nothing like I had felt after any prior cert or exam. These exams will test your mettle!
Bryan E. Simon
President of Xploit Security Inc., SANS Senior Instructor/Author
The questions on the GX – IH challenged me, like I experience in my consulting work every day. It's hard to imagine a more real-world exam.
Josh Wright
SANS Author & Fellow

    FAQs on GIAC Applied Knowledge Certifications

    • No. There are no prerequisites. Please visit our Applied Knowledge Certifications page for helpful information about the associated exam and how to prepare.

    • No, practice tests are not included. However, we offer Demo Questions to help you prepare.

    • Check out our preparation tips here.

    • Applied Knowledge exams are comprised of 25 CyberLive hands-on questions. CyberLive testing creates a lab environment where cyber practitioners prove their knowledge, understanding, and skill.

    • GIAC Applied Knowledge Certifications require successfully passing a proctored exam & are applicable to the same policies as GIAC Practioner Certification exams. Please review our proctored exam overview here.