The GIAC Web Application Penetration Tester (GWAPT) certification validates a practitioner's ability to better secure organizations through penetration testing and a thorough understanding of web application security issues. GWAPT certification holders have demonstrated knowledge of web application exploits and penetration testing methodology.
The GIAC Experienced Penetration Tester (GX-PT) Certification demonstrates that a candidate has seasoned, hands-on red team and purple team skills. Certification holders will validate their ability to map networks, identify vulnerabilities, and exploit hosts in various environments, through a diverse set of tasks, in a time-restricted environment under testing conditions.
The GIAC Red Team Professional certification validates an individual’s ability to conduct end-to-end Red Team engagements. GRTP certification holders have demonstrated knowledge of building an adversary emulation plan, establishing an C2 infrastructure, and emulating adversary tactics, techniques, and procedures (TTPs) to assist in improving overall security.
The GIAC Certified Detection Analyst (GCDA) certification proves an individual knows how to collect, analyze, and tactically use modern network and endpoint data sources to detect malicious or unauthorized activity.
The GIAC Certified Enterprise Defender (GCED) certification builds on the security skills measured by the GIAC Security Essentials certification. It assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole. GCED certification holders have validated knowledge and abilities in the areas of defensive network infrastructure, packet analysis, penetration testing, incident handling and malware removal.
The GIAC Defensible Security Architect (GDSA) certification validates a practitioner's ability to design and implement a strategic combination of network-centric and data-centric controls to balance prevention, detection, and response capabilities.
The GIAC Web Application Defender (GWEB) certification allows candidates to demonstrate mastery of the security knowledge and skills needed to deal with common web application errors that lead to most security problems. The successful candidate will have hands-on experience using current tools to detect and prevent input validation flaws, cross-site scripting (XSS), and SQL injection as well as an in-depth understanding of authentication, access control, and session management, their weaknesses, and how they are best defended. GWEB candidates have the knowledge, skills, and abilities to secure web applications and recognize and mitigate security weaknesses in existing web applications.
The GIAC Penetration Tester (GPEN) certification validates a practitioner's ability to properly conduct a penetration test using best-practice techniques and methodologies. GPEN certification holders have the knowledge and skills to conduct exploits, engage in detailed environmental reconnaissance, and utilize a process-oriented approach to penetration testing projects
The GIAC Cloud Penetration Tester (GCPN) certification validates a practitioner's ability to conduct cloud-focused penetration testing and assess the security of systems, networks, architecture, and cloud technologies.