| Founded | 1999 |
|---|---|
| Type | for-profit |
| Focus | Cybersecurity, Information Security, Software Security |
Area served | Worldwide |
| Services | Professional Certifications |
| Owner | SANS |
| Website | www.giac.org |
Global Information Assurance Certification (GIAC) is an information security certification entity that specializes in technical and practical certification as well as new research in the form of its GIAC Gold program. SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked by The Escal Institute of Advanced Technologies.
GIAC provides a set of vendor-neutral computer security certifications linked to the training courses provided by the SANS. GIAC is specific to the leading edge technological advancement of IT security in order to keep ahead of "black hat" techniques. Papers written by individuals pursuing GIAC certifications are presented at the SANS Reading Room on GIAC's website.
In March 2021, GIAC introduced CyberLive, a new hands-on testing format that assesses real-world cybersecurity skills in a virtual environment, alongside its traditional multiple-choice exams. [1]
In December 2024, GIAC has rebranded its long-standing certifications as Practitioner Certifications, which include well-known qualifications like the GIAC Certified Forensic Examiner (GCFE). These certifications are aimed at validating professionals' abilities in real-world work environments, making them suitable for newcomers to the field as well as seasoned practitioners looking to enhance their skills and responsibilities in cybersecurity. In addition to this reclassification, GIAC has launched its new Applied Knowledge Certifications, designed to elevate testing standards and challenge candidates to showcase their mastery through hands-on, CyberLive exams that assess both their knowledge and practical skills. To achieve the prestigious designations of GIAC Security Professional or GIAC Security Expert, candidates are required to earn both Practitioner and Applied Knowledge Certifications, reflecting a comprehensive proficiency in the field. [2]
GIAC Practitioner Certifications are primarily based on individual SANS courses, providing a focused assessment of the skills and knowledge acquired from those specific training programs. As of November 2025, GIAC has organized its certifications into nine "Cyber Specialties." Below is the list of Practitioner Certifications arranged according to this categorization.
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GSLC | GIAC Security Leadership | LDR512 | |
| GCCC | GIAC Critical Controls Certification | SEC566 | |
| GSTRT | GIAC Strategic Planning, Policy, and Leadership | LDR514 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GCPM | GIAC Certified Project Manager | ||
| GLEG | GIAC Law of Data Security & Investigations | ||
| GCIL | GIAC Cyber Incident Leader | LDR553 | |
| GSNA | GIAC Systems and Network Auditor Certification | ||
| GISP | GIAC Information Security Professional Certification | LDR414 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GSEC | GIAC Security Essentials | SEC401 | CyberLive |
| GISF | GIAC Information Security Fundamentals | SEC301 | CyberLive |
| GCED | GIAC Certified Enterprise Defender | SEC501 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GCIA | GIAC Certified Intrusion Analyst Certification | SEC503 | CyberLive |
| GOSI | GIAC Open Source Intelligence Certification | SEC497 | |
| GSOC | GIAC Security Operations Certified | SEC450 | |
| GMON | GIAC Continuous Monitoring Certification | SEC511 | CyberLive |
| GSOA | GIAC Strategic OSINT Analyst | SEC587 | CyberLive |
| GMLE | GIAC Machine Learning Engineer | SEC595 | CyberLive |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GCWN | GIAC Certified Windows Security Administrator | ||
| GPYC | GIAC Python Coder | SEC573 | |
| GCDA | GIAC Certified Detection Analyst | SEC555 | |
| GDSA | GIAC Defensible Security Architect Certification | SEC530 | |
| GFACT | GIAC Foundational Cybersecurity Technologies | SEC275 | |
| GDAT | GIAC Defending Advanced Threats | SEC599 | |
| GSOM | GIAC Security Operations Manager Certification | LDR551 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GPEN | GIAC Penetration Tester Certification | SEC560 | CyberLive |
| GXPN | GIAC Exploit Researcher and Advanced Penetration Tester | SEC660 | CyberLive |
| GRTP | GIAC Red Team Professional | SEC565 | CyberLive |
| GEVA | GIAC Enterprise Vulnerability Assessor Certification | ||
| GAWN | GIAC Assessing and Auditing Wireless Networks | SEC617 | |
| GWAPT | GIAC Web Application Penetration Tester | SEC542 | CyberLive |
| GMOB | GIAC Mobile Device Security Analyst | SEC575 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GCPN | GIAC Cloud Penetration Tester | SEC588 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GOAA | GIAC Offensive AI Analyst | SEC535 | CyberLive |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GASF | GIAC Advanced Smartphone Forensics Certification | FOR585 | |
| GIME | GIAC iOS and macOS Examiner | FOR518 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GCFE | GIAC Certified Forensic Examiner | FOR500 | CyberLive |
| GEIR | GIAC Enterprise Incident Response | FOR608 | CyberLive |
| GCFR | GIAC Cloud Forensics Responder | FOR509 | CyberLive |
| GREM | GIAC Reverse Engineering Malware Certification | FOR610 | CyberLive |
| GLIR | GIAC Linux Incident Responder | FOR577 | CyberLive |
| GCFA | GIAC Certified Forensic Analyst | FOR508 | CyberLive |
| GNFA | GIAC Network Forensic Analyst | FOR572 | CyberLive |
| GCTI | GIAC Cyber Threat Intelligence | FOR578 | CyberLive |
| GBFA | GIAC Battlefield Forensics and Acquisition | FOR498 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GPCS | GIAC Public Cloud Security | SEC510 | |
| GCTD | GIAC Cloud Threat Detection | SEC541 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GCLD | GIAC Cloud Security Essentials Certification | SEC502 | |
| GCSA | GIAC Cloud Security Automation | SEC540 | |
| GCAD | GIAC Cloud Security Architecture and Design | SEC549 | |
| GWEB | GIAC Certified Web Application Defender | SEC522 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GICSP | Global Industrial Cyber Security Professional Certification | ICS410 | CyberLive |
| GCIP | GIAC Critical Infrastructure Protection Certification | ICS456 | |
| GRID | GIAC Response and Industrial Defense | ICS515 |
| Code | Name | Associated SANS Course | Comments |
|---|---|---|---|
| GCIH | GIAC Certified Incident Handler Certification | SEC504 | CyberLive |
Unlike the "classic" Practitioner Certifications from GIAC, the Applied Knowledge Certifications are based on a broader range of training and expert knowledge. They provide a more comprehensive evaluation of candidates' skills across various topics rather than focusing mostly on dedicated SANS training.
| Code | Name | Associated SANS Courses | Status |
|---|---|---|---|
| GX-FE | GIAC Experienced Forensics Expert | FOR500 (Primary fit course), FOR498, FOR508, FOR608 | |
| GX-CS | GIAC Experienced Cybersecurity Specialist | SEC401 (Primary fit course), SEC503, FOR508, SEC560, SEC542, SEC599, SEC501, FOR500, SEC660 | |
| GX-FA | GIAC Experienced Forensic Analyst | FOR508 (Primary fit course), FOR498, FOR500, FOR501, FOR503, FOR504, FOR509, FOR572, FOR608, FOR610 | |
| GX-IA | GIAC Experienced Intrusion Analyst | SEC503 (Primary fit course), FOR572, SEC530, SEC450, SEC511, SEC573 | |
| GX-IH | GIAC Experienced Incident Handler | SEC504 (Primary fit course), SEC450, SEC501, SEC503, SEC560, FOR610, FOR508, FOR500 | |
| GX-PT | GIAC Experienced Penetration Tester | SEC560 (Primary fit course), SEC401, SEC501, SEC503, SEC504, SEC542, SEC565, SEC580, SEC617, SEC660, SEC670, SEC760 |
The following certifications are not found on the GIAC website and are not listed as retired:
As of November 2025, GIAC lists the following certifications as retired: [3]
 | This article about an education organization is a stub. You can help Wikipedia by expanding it. |