Global Information Assurance Certification

Global Information Assurance Certification (GIAC) is an information security certification entity that specialises in technical and practical certification as well as new research in the form of its GIAC Gold program. SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked by the The Escal Institute of Advanced Technologies.

GIAC provides a set of vendor-neutral computer security certifications linked to the training courses provided by the SANS. GIAC is specific to the leading edge technological advancement of IT security in order to keep ahead of "black hat" techniques. Papers written by individuals pursuing GIAC certifications are presented as the SANS Reading Room on GIAC's website.

Initially all SANS GIAC certifications required a written paper or "practical" on a specific area of the certification in order to achieve the certification. In April 2005, the SANS organization changed the format of the certification by breaking it into two separate levels. The "silver" level certification requires two multiple-choice tests, whereas the "gold" level certification has both the multiple-choice tests requirement as well as a practical.

As of November 10, 2007, GIAC claims to have certified 19,275 individuals worldwide.cite web | url = http://www.giac.org/ | accessdate = 2007-04-11 | author = | title = Global Information Assurance Certification | publisher = Global Information Assurance Certification | date = ]

SANS GIAC Certifications

ecurity Administration

*GIAC Security Essentials Certification (GSEC)
*GIAC Certified Incident Handler (GCIH)
*GIAC Certified UNIX Security Administrator (GCUX)
*GIAC Information Security Fundamentals (GISF)
*GIAC .Net (GNET)
*GIAC Secure Internet Presence (GSIP)
*GIAC Certified Intrusion Analyst (GCIA)
*GIAC Certified Firewall Analyst (GCFW)
*GIAC Certified Windows Security Administrator (GCWN)
*GIAC Certified Forensics Analyst (GCFA)
*GIAC Securing Oracle Certification (GSOC)
*GIAC Assessing Wireless Networks (GAWN)
*GIAC Security Expert (GSE)
*GIAC Penetration Tester (GPEN)

Audit

*GIAC Certified ISO-17799 Specialist (G7799)
*GIAC Systems and Network Auditor (GSNA)
*GIAC Security Audit Essentials (GSAE)

Management

*GIAC Security Leadership Certification (GSLC)
*GIAC Certified Security Consultant (GCSC)

Operations

*GIAC Operations Essentials Certification (GOEC)

oftware Security and/or Secure Coding

* GIAC Secure Software Programmer - Java [http://www.giac.org/certifications/software/gssp-java.php (GSSP Java)]
* GIAC Secure Software Programmer - C [http://www.giac.org/certifications/software/gssp-c.php (GSSP C)]
* GIAC Reverse Engineering Malware [http://www.giac.org/certifications/security/grem.php (GREM)]
* GIAC .Net [http://www.giac.org/certifications/security/gnet.php (GNET)]

Other

*GIAC Certified Incident Handler (GCIH)

Controversy

Controversy surrounded the [http://www.theregister.co.uk/2005/03/29/security_certification/ decision to allow certifications] without completion of the practical assignment. This decision had the effect of simplifying the process to obtain the various four-letter designations. GIAC desired to increase the probability of students attempting certifications, presumably to increase the population of certified individuals, and therefore the industry relevance of GIAC certifications as a whole. Organizations which use GIAC certifications as professional qualification standard for candidates often do not specify a Gold or Silver certification requirement. The community concern was that devaluation of older certifications would ensue.

External links

* [http://www.giac.org/ GIAC website]
* [http://www.sans.org/press/release_20050407.pdf Press release announcing split of Gold and Silver certifications]

Notes