Global Information Assurance Certification (GIAC) is an information security certification entity that specializes in technical and practical certification as well as new research in the form of its GIAC Gold program. SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked by The Escal Institute of Advanced Technologies.
GIAC provides a set of vendor-neutral computer security certifications linked to the training courses provided by the SANS. GIAC is specific to the leading edge technological advancement of IT security in order to keep ahead of "black hat" techniques. Papers written by individuals pursuing GIAC certifications are presented at the SANS Reading Room on GIAC's website.
In March 2021, GIAC introduced CyberLive, a new hands-on testing format that assesses real-world cybersecurity skills in a virtual environment, alongside its traditional multiple-choice exams.[1]
In December 2024, GIAC has rebranded its long-standing certifications as Practitioner Certifications, which include well-known qualifications like the GIAC Certified Forensic Examiner (GCFE). These certifications are aimed at validating professionals' abilities in real-world work environments, making them suitable for newcomers to the field as well as seasoned practitioners looking to enhance their skills and responsibilities in cybersecurity. In addition to this reclassification, GIAC has launched its new Applied Knowledge Certifications, designed to elevate testing standards and challenge candidates to showcase their mastery through hands-on, CyberLive exams that assess both their knowledge and practical skills. To achieve the prestigious designations of GIAC Security Professional or GIAC Security Expert, candidates are required to earn both Practitioner and Applied Knowledge Certifications, reflecting a comprehensive proficiency in the field.[2]
GIAC Practitioner Certifications
GIAC Practitioner Certifications are primarily based on individual SANS courses, providing a focused assessment of the skills and knowledge acquired from those specific training programs. As of November 2025, GIAC has organized its certifications into nine "Cyber Specialties." Below is the list of Practitioner Certifications arranged according to this categorization.
Cybersecurity Leadership, Artificial Intelligence (AI)
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GSLC
|
GIAC Security Leadership
|
LDR512
|
|
| GCCC
|
GIAC Critical Controls Certification
|
SEC566
|
|
| GSTRT
|
GIAC Strategic Planning, Policy, and Leadership
|
LDR514
|
|
Cybersecurity Leadership
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GCPM
|
GIAC Certified Project Manager
|
|
|
| GLEG
|
GIAC Law of Data Security & Investigations
|
|
|
| GCIL
|
GIAC Cyber Incident Leader
|
LDR553
|
|
| GSNA
|
GIAC Systems and Network Auditor Certification
|
|
|
| GISP
|
GIAC Information Security Professional Certification
|
LDR414
|
|
Cybersecurity and IT Essentials, Cyber Defense
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GSEC
|
GIAC Security Essentials
|
SEC401
|
CyberLive
|
| GISF
|
GIAC Information Security Fundamentals
|
SEC301
|
CyberLive
|
| GCED
|
GIAC Certified Enterprise Defender
|
SEC501
|
|
Cyber Defense, Artificial Intelligence
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GCIA
|
GIAC Certified Intrusion Analyst Certification
|
SEC503
|
CyberLive
|
| GOSI
|
GIAC Open Source Intelligence Certification
|
SEC497
|
|
| GSOC
|
GIAC Security Operations Certified
|
SEC450
|
|
| GMON
|
GIAC Continuous Monitoring Certification
|
SEC511
|
CyberLive
|
| GSOA
|
GIAC Strategic OSINT Analyst
|
SEC587
|
CyberLive
|
| GMLE
|
GIAC Machine Learning Engineer
|
SEC595
|
CyberLive
|
Cyber Defense
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GCWN
|
GIAC Certified Windows Security Administrator
|
|
|
| GPYC
|
GIAC Python Coder
|
SEC573
|
|
| GCDA
|
GIAC Certified Detection Analyst
|
SEC555
|
|
| GDSA
|
GIAC Defensible Security Architect Certification
|
SEC530
|
|
| GFACT
|
GIAC Foundational Cybersecurity Technologies
|
SEC275
|
|
| GDAT
|
GIAC Defending Advanced Threats
|
SEC599
|
|
| GSOM
|
GIAC Security Operations Manager Certification
|
LDR551
|
|
Offensive Operations, Pen Testing, and Red Teaming
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GPEN
|
GIAC Penetration Tester Certification
|
SEC560
|
CyberLive
|
| GXPN
|
GIAC Exploit Researcher and Advanced Penetration Tester
|
SEC660
|
CyberLive
|
| GRTP
|
GIAC Red Team Professional
|
SEC565
|
CyberLive
|
| GEVA
|
GIAC Enterprise Vulnerability Assessor Certification
|
|
|
| GAWN
|
GIAC Assessing and Auditing Wireless Networks
|
SEC617
|
|
| GWAPT
|
GIAC Web Application Penetration Tester
|
SEC542
|
CyberLive
|
| GMOB
|
GIAC Mobile Device Security Analyst
|
SEC575
|
|
Offensive Operations, Pen Testing, and Red Teaming, Cloud Security, Artificial Intelligence
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GCPN
|
GIAC Cloud Penetration Tester
|
SEC588
|
|
Artificial Intelligence
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GOAA
|
GIAC Offensive AI Analyst
|
SEC535
|
CyberLive
|
Digital Forensics, Incident Response & Threat Hunting, Artificial Intelligence
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GASF
|
GIAC Advanced Smartphone Forensics Certification
|
FOR585
|
|
| GIME
|
GIAC iOS and macOS Examiner
|
FOR518
|
|
Digital Forensics, Incident Response & Threat Hunting
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GCFE
|
GIAC Certified Forensic Examiner
|
FOR500
|
CyberLive
|
| GEIR
|
GIAC Enterprise Incident Response
|
FOR608
|
CyberLive
|
| GCFR
|
GIAC Cloud Forensics Responder
|
FOR509
|
CyberLive
|
| GREM
|
GIAC Reverse Engineering Malware Certification
|
FOR610
|
CyberLive
|
| GLIR
|
GIAC Linux Incident Responder
|
FOR577
|
CyberLive
|
| GCFA
|
GIAC Certified Forensic Analyst
|
FOR508
|
CyberLive
|
| GNFA
|
GIAC Network Forensic Analyst
|
FOR572
|
CyberLive
|
| GCTI
|
GIAC Cyber Threat Intelligence
|
FOR578
|
CyberLive
|
| GBFA
|
GIAC Battlefield Forensics and Acquisition
|
FOR498
|
|
Cloud Security, Artificial Intelligence
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GPCS
|
GIAC Public Cloud Security
|
SEC510
|
|
| GCTD
|
GIAC Cloud Threat Detection
|
SEC541
|
|
Cloud Security
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GCLD
|
GIAC Cloud Security Essentials Certification
|
SEC502
|
|
| GCSA
|
GIAC Cloud Security Automation
|
SEC540
|
|
| GCAD
|
GIAC Cloud Security Architecture and Design
|
SEC549
|
|
| GWEB
|
GIAC Certified Web Application Defender
|
SEC522
|
|
Industrial Control Systems Security
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GICSP
|
Global Industrial Cyber Security Professional Certification
|
ICS410
|
CyberLive
|
| GCIP
|
GIAC Critical Infrastructure Protection Certification
|
ICS456
|
|
| GRID
|
GIAC Response and Industrial Defense
|
ICS515
|
|
Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, Digital Forensics, Incident Response & Threat Hunting
| Code
|
Name
|
Associated SANS Course
|
Comments
|
| GCIH
|
GIAC Certified Incident Handler Certification
|
SEC504
|
CyberLive
|
GIAC Applied Knowledge Certifications
Unlike the "classic" Practitioner Certifications from GIAC, the Applied Knowledge Certifications are based on a broader range of training and expert knowledge. They provide a more comprehensive evaluation of candidates' skills across various topics rather than focusing mostly on dedicated SANS training.
| Code
|
Name
|
Associated SANS Courses
|
Status
|
| GX-FE
|
GIAC Experienced Forensics Expert
|
FOR500 (Primary fit course), FOR498, FOR508, FOR608
|
|
| GX-CS
|
GIAC Experienced Cybersecurity Specialist
|
SEC401 (Primary fit course), SEC503, FOR508, SEC560, SEC542, SEC599, SEC501, FOR500, SEC660
|
|
| GX-FA
|
GIAC Experienced Forensic Analyst
|
FOR508 (Primary fit course), FOR498, FOR500, FOR501, FOR503, FOR504, FOR509, FOR572, FOR608, FOR610
|
|
| GX-IA
|
GIAC Experienced Intrusion Analyst
|
SEC503 (Primary fit course), FOR572, SEC530, SEC450, SEC511, SEC573
|
|
| GX-IH
|
GIAC Experienced Incident Handler
|
SEC504 (Primary fit course), SEC450, SEC501, SEC503, SEC560, FOR610, FOR508, FOR500
|
|
| GX-PT
|
GIAC Experienced Penetration Tester
|
SEC560 (Primary fit course), SEC401, SEC501, SEC503, SEC504, SEC542, SEC565, SEC580, SEC617, SEC660, SEC670, SEC760
|
|
Unavailable or retired GIAC certifications
Unavailable certifications
The following certifications are not found on the GIAC website and are not listed as retired:
- GIAC Secure Internet Presence (GSIP)
- GIAC Security Audit Essentials (GSAE)
- GIAC Certified ISO-17799 Specialist (G7799)
- GIAC Certified Security Consultant (GCSC)
Retired certifications
As of November 2025, GIAC lists the following certifications as retired:[3]
- GIAC .NET (GNET)
- GIAC Certified Incident Manager (GCIM)
- GIAC Certified ISO-27000 Specialist (G2700)
- GIAC Secure Software Programmer-C (GSSP-C)
- GIAC Securing Oracle Certified (GSOC)
- GIAC Secure Software Programmer-.net (GSSP-.net)
- GIAC Secure Software Programmer-Java (GSSP-Java)
- GIAC Perimeter Protection Analyst (GPPA)
- GIAC UNIX Security Administrator (GCUX)
External links
Notes