Global Information Assurance Certification (GIAC) is aninformation security certification entity that specializes in technical and practical certification as well as new research in the form of its GIAC Gold program.SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked byThe Escal Institute of Advanced Technologies.

GIAC provides a set of vendor-neutralcomputer security certifications linked to the training courses provided by theSANS. GIAC is specific to the leading edge technological advancement ofIT security in order to keep ahead of "black hat" techniques. Papers written by individuals pursuing GIAC certifications are presented at the SANS Reading Room on GIAC's website.

In March 2021, GIAC introduced CyberLive, a new hands-on testing format that assesses real-world cybersecurity skills in a virtual environment, alongside its traditional multiple-choice exams.^[1]

In December 2024, GIAC has rebranded its long-standing certifications asPractitioner Certifications, which include well-known qualifications like the GIAC Certified Forensic Examiner (GCFE). These certifications are aimed at validating professionals' abilities in real-world work environments, making them suitable for newcomers to the field as well as seasoned practitioners looking to enhance their skills and responsibilities in cybersecurity. In addition to this reclassification, GIAC has launched its newApplied Knowledge Certifications, designed to elevate testing standards and challenge candidates to showcase their mastery through hands-on, CyberLive exams that assess both their knowledge and practical skills. To achieve the prestigious designations of GIAC Security Professional or GIAC Security Expert, candidates are required to earn both Practitioner and Applied Knowledge Certifications, reflecting a comprehensive proficiency in the field.^[2]

GIAC Practitioner Certifications are primarily based on individual SANS courses, providing a focused assessment of the skills and knowledge acquired from those specific training programs. As of November 2025, GIAC has organized its certifications into nine "Cyber Specialties." Below is the list of Practitioner Certifications arranged according to this categorization.

Unlike the "classic" Practitioner Certifications from GIAC, the Applied Knowledge Certifications are based on a broader range of training and expert knowledge. They provide a more comprehensive evaluation of candidates' skills across various topics rather than focusing mostly on dedicated SANS training.

The following certifications are not found on the GIAC website and are not listed as retired:

• GIAC Secure Internet Presence (GSIP)
• GIAC Security Audit Essentials (GSAE)
• GIAC Certified ISO-17799 Specialist (G7799)
• GIAC Certified Security Consultant (GCSC)

As of November 2025, GIAC lists the following certifications as retired:^[3]

• GIAC .NET (GNET)
• GIAC Certified Incident Manager (GCIM)
• GIAC Certified ISO-27000 Specialist (G2700)
• GIAC Secure Software Programmer-C (GSSP-C)
• GIAC Securing Oracle Certified (GSOC)
• GIAC Secure Software Programmer-.net (GSSP-.net)
• GIAC Secure Software Programmer-Java (GSSP-Java)
• GIAC Perimeter Protection Analyst (GPPA)
• GIAC UNIX Security Administrator (GCUX)

• Official website

This article about an education organization is astub. You can help Wikipedia byexpanding it.

• v
• t
• e

• Computer security qualifications
• Digital forensics certification
• Education organization stubs

• Articles with short description
• Short description matches Wikidata
• Pages using infobox mapframe with missing coordinates
• Official website different in Wikidata and Wikipedia
• All stub articles