www.giac.org




GIAC has been an industry leader in information security certifications for years. The certifications have grown with demands of students, new threats and new technologies. Consequently, for ease of viewing and finding the appropriate certification, this listing has been grouped by subject matter and level of difficulty. Each GIAC certification is designed to stand on its own, and represents a certified individual's mastery of a particular set of knowledge and skills. There is no particular "order" in which GIAC certifications must be earned; though we recommend that candidates master lower level concepts before moving on to more advanced topics.

There are differences between "GIAC certifications" and "GIAC Skills Test and Report" (STAR) which are important to understand.

Many doors have opened up to me simply because I have a GIAC certification. It shows other people that I have 'hands-on' technical skills. - Dean Farrington Information Security Engineer, Wells Fargo

GIAC certifications align with individual job based disciplines and typically correspond to topics presented in SANS full 5-6 day courses. GIAC certification attempts have a 4 month time frame. Below you will find certifications in gold boxes.

The GIAC Skills Test and Report (STAR) are based on 1 or 2 day SANS training courses. While STAR is less involved than full certifications, they are more intensely focused on a given topic or area of study. For more information on the GIAC STAR program, please see http://www.giac.org/star/. STAR allows for a 4 month time frame to complete the requirements. Below you will find the STARs in blue boxes.



 Security AdministrationManagementLegalAuditSoftware Security
Introductory GIAC Information Security Fundamentals GISF        
  S.T.A.R - Computer and Network Security Awareness        
Intermediate GIAC Security Essentials Certification GSEC GIAC Information Security Professional GISP   GIAC Certified ISO-17799 Specialist G7799  
  S.T.A.R - IP Packet Analysis S.T.A.R. - Security Policy      
    S.T.A.R - Critical Infrastructure Protection      
    S.T.A.R - Leadership Management      
Advanced GIAC Certified Forensics Analyst GCFA GIAC Security Leadership Certification GSLC GIAC Legal Issues GLEG GIAC Systems and Network Auditor GSNA GIAC Secure Software Programmer - .NET GSSP-NET
  GIAC Certified Firewall Analyst GCFW GIAC Certified Project Manager Certification GCPM   S.T.A.R - Payment Card Industry GIAC Secure Software Programmer - C GSSP-C
  GIAC Certified Intrusion Analyst GCIA S.T.A.R - Security Policy and Awareness     GIAC Secure Software Programmer - Java GSSP-JAVA
  GIAC Certified Incident Handler GCIH        
  GIAC Certified UNIX Security Administrator GCUX        
  GIAC Certified Windows Security Administrator GCWN        
  GIAC Certified Enterprise Defender GCED        
  GIAC Securing Oracle Certification GSOC        
  GIAC Certified Penetration Tester GPEN        
  GIAC Web Application Penetration Tester GWAPT        
  S.T.A.R - Cutting Edge Hacking Techniques        
  S.T.A.R. - Advanced Filesystem Recovery and Memory Forensics        
  S.T.A.R. - Windows Command-Line Kung Fu        
  S.T.A.R - Advanced Information Recon        
  S.T.A.R. - Metasploit for Penetration Testers        
  S.T.A.R - Comprehensive Packet Analysis        
Highly Advanced GIAC Assessing Wireless Networks GAWN        
  GIAC Reverse Engineering Malware GREM        


Number of certified professionals: 26,298
SEC301 Skyscraper