What certification do I need?
In today’s complex cybersecurity landscape, hands-on skills are more critical than ever. Most practitioners understand the importance of certifications, but what cybersecurity certifications are out there and which ones do you need on your path to becoming a security expert? Here you’ll find some of the most popular security certifications offered by GIAC and how they align to top job roles in today’s market.
- GIAC Security Essentials (GSEC)
The GIAC Security Essentials (GSEC) certification validates an information security professional's knowledge beyond simple terminology and concepts. With a GSEC certification, you demonstrate that you are qualified for hands-on IT security tasks. This is a perfect starting point for anyone who is new to information security but has some background knowledge of information systems and networks. The certification is also suitable for security professionals, security managers, forensic analysts, auditors and operational staff who deal with information security.
2. GIAC Certified Incident Handler (GCIH)
The GIAC Incident Handler certification validates a security professional's ability to detect, respond to and resolve computer security incidents using a wide range of essential security skills. With a GCIH certification, you possess the knowledge needed to manage security incidents by understanding common attack techniques, vectors and tools, and know-how to protect against and respond to such attacks. This certification is suitable for professionals who must handle incidents, such as system administrators, security experts, and others who must be the first to respond in the event of a security incident.
3. GIAC Certified Forensic Analyst (GCFA)
The GCFA certification indicates that candidates have the knowledge, skills and ability to conduct formal incident investigations and can perform advanced incident handling scenarios, including internal and external intrusions and data breaches, advanced persistent threats, anti-forensic techniques used by attackers, and complex digital forensics. In the words of Rob Lee, author of the affiliated SANS FOR508 training course, "The enemy is good. We are better. This training will help you become one of the best."
4. GIAC Certified Forensic Examiner (GCFE)
The GIAC Certified Forensic Examiner (GCFE) certification validates knowledge of forensic computer analysis, with an emphasis on core skills needed to collect and analyze data from Windows computer systems. With a GCFE certification, you will have the knowledge, skills and ability to perform typical incident investigations, including e-Discovery, forensic analysis and reporting, evidence acquisition, browser forensics and tracking user and application activity on Windows systems. The course is for anyone interested in a thorough understanding of Windows forensics and has a background in information systems, information security, and computer networking.
5. GIAC Penetration Tester (GPEN)
The GPEN certification demonstrates the ability to properly perform a penetration test, using best practice techniques and methodologies. With a GPEN certification, you have the knowledge and skills to perform exploits and detailed reconnaissance, but you can also deploy a process-oriented approach to penetration testing projects. This course is suitable for security professionals who assess networks and systems for vulnerabilities, such as penetration testers, ethical hackers, and Red and Blue Team members. Auditors and forensic specialists who want to better understand offensive tactics will also benefit from this training.
6. GIAC Certified Intrusion Analyst (GCIA)
The GIAC Intrusion Analyst certification validates your knowledge of network and host monitoring, traffic analysis, and intrusion detection. With a GCIA certification, you have the skills needed to configure and monitor intrusion detection systems. In addition, you can read, interpret, and analyze network traffic and related log files. These skills are important for systems analysts, security analysts, network engineers and administrators, and anyone responsible for detecting intrusions into corporate systems.
7. GIAC Reverse Engineering Malware (GREM)
The GREM certification is designed for security professionals who need to protect their organization from malicious code. As a GREM certified professional, you have the knowledge and skills to reverse engineer malware that targets common platforms. You know how to investigate the inner workings of malware in the context of forensics, incident response and Windows system administration. This certification will make you more valuable to employers and clients as a system or network administrator, auditor or forensic investigator by demonstrating advanced malware analysis skills. The training is suitable for anyone who wants to formalize their expertise.
How do I choose the right certification?
There are countless security certifications to choose from, with many benefits available to both newcomers and experienced professionals. One of the most important things to look for when choosing a certification is suitability. A certification should not only align with your strengths as a practitioner but should also suit your career ambitions. It pays to keep a close eye on developments in the cybersecurity world to see which specializations will be most in-demand in the coming years and choose your next steps accordingly.