GIAC Launches New Cyber Security Certification for GIAC Enterprise Vulnerability Assessor

Bethesda, Md. – GIAC Certifications, known for providing the highest standard in cyber security certifications, has launched a new certification:
GIAC Enterprise Vulnerability Assessor.

As advanced adversaries become more numerous, more capable, and much more destructive, organizations must become more effective at mitigating their information security risks at the enterprise scale. Expert assessment of possible threats and existing weaknesses has never been more critical for organizations across the globe.

To combat these threats, practitioners who have specialized abilities in detecting and responding to vulnerabilities, in combination with keen observation skills, are necessary for every enterprise security team. GIAC created the Enterprise Vulnerability Assessor (GEVA) certification to bolster this critical domain in the cyber security workforce and ensure that practitioners are well equipped to secure the enterprise.

The GEVA certification is designed to validate real-world, hands-on skills dealing with vulnerability assessment framework planning and methodology, and discovery, validation and remediation of vulnerabilities using specialized tactics. If you’re a security assessor or analyst, system administrator, or security auditor, then GEVA is the certification for you.

Get GEVA certified today:

Matthew Toussain, SANS SEC460 course author, says "Knowing our attack surface, what vulnerabilities a threat might leverage, what to patch and what risks to accept: this is vulnerability assessment, and it is as critical as it is hard. Today, we're starting to realize and respect that. The GIAC Enterprise Vulnerability Assessor (GEVA) certification represents an opportunity to master these critical abilities. GEVA-certified vulnerability assessors have the skills to dive deep into application-specific vulnerability analysis, to root out false-positive findings, to calculate true risk based on impact, and to maximize effects through triage.”

Certified GEVA practitioners are capable of handling threat management, comprehensively assessing vulnerabilities, and producing a vigorous defensive strategy. Professionals holding the GEVA certification have validated technical vulnerability assessment skills and experience with time-tested practical approaches to ensure security across the enterprise.

GEVA is designed to validate skills taught in the SANS Institute course, SEC460: Enterprise Threat and Vulnerability Assessment. The GEVA certification is now available to the public, and registration is open online. If you need assistance with registration, please email Get your GIAC Enterprise Vulnerability Assessor certification today to confirm your ability to improve the safety of your organization.

About GIAC Certifications

GIAC Certifications is a cyber security certification body featuring over 35 hands-on, technical certifications in information security. GIAC has issued over 132,000 cyber security certifications since it was founded in 1999. Eleven GIAC certifications are accredited under the IEC/ISO/ANSI 17024 quality standard for certifying bodies. GIAC is an affiliate of the SANS Institute. (

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (