Guide: Getting started on your GIAC Certification track

About our Talent Services

You want new efficiencies, new opportunities and growth from technology, and you will need skills to get them. With Readynez Talent Services you will answer real and burning business challenges. No wonder we’ve been awarded the Microsoft Learning Partner of the year global finalist award for helping businesses transform and achieve remarkable results.

Get started

I’m an opportunity Leader looking for talent

I’m an ambitious graduate looking for an exciting career

In 1989, the SANS institute was founded to provide vendor-neutral training in IT-security and administration information.

SANS later formed the Global Information Assurance Certification (GIAC) programme as its certification brand for training courses. To date, more than 165.000 GIAC credentials have been issued.

GIAC develops and administers 48 different cybersecurity certifications, that are widely recognized among the highest and most rigorous cyber security accreditations available to business-, government-, and military clients all over the world.

But how do you get started with GIAC and what kind of training is available? This blog will provide all the insights, that you´re looking for.

GIAC Certification tracks
GIAC Certifications fall within 6 specific domains, each with its own certification track:

  • Cyber Defense
  • Industrial Control Systemns (ICS)
  • Penetration Testing
  • Digital Forensics and Incident Response
  • Developer
  • Management and Leadership

Getting started
Considering the vast amount of available GIAC Certifications, you may struggle to find your way around and find the best starting point.

Look no further! Readynez Instructor and GIAC Expert Jens Gilges shares his advice here:

These are the recommended entry  level GIAC certifications that provide an ideal starting point:

GIAC Security Essentials (GSEC)
Introduction to IT Security for Administrators, Management, Sales and Auditors.

GIAC Penetration Tester (GPEN)
Introduction to Penetration Testing and the hottest Cert around for that topic.

GIAC Cloud Security Essentials (GCLD)
Azure, AWS and Google, the only certification on the market with covers all important defensive and offensive aspects in any of these.

GIAC Global Industrial Cyber Security Professional (GICSP)
Teaches all important aspects starting in the defending SCADA and ICS Systems.

GSEC – GIAC Security Essentials
This GSEC training covers a wide range of topics, and it's recommended for anyone looking to get started with IT-Security. It’s not only interesting, if you have a technical background, it’s also ideal for managers, auditors or even sales consultants, who work with security related technologies and products. Basically, this training- and certification programme is for anyone interested in security, who want to get trained and certified in a wide range of basics.

This is covered:

  • Introduction to basic security concepts
  • Understanding Cryptography, Algorithms and Deployment
  • Understanding Defense in Depth
  • Introduction to Security Management, Risk and Incident Response
  • Configuring, securing and hardening Linux Operating Systems
  • Configuring, securing and hardening Windows Operating System
  • Security Concepts in the Cloud
  • Networking Protocols and Services
  • Securing Networks
  • Introduction to Windows and Linux Forensics


GPEN – GIAC Penetration Tester
This GPEN training offers all the necessary knowledge to plan, execute and document all tasks to successfully to run a penetration test in a professional customer environment. You will get an in-depth introduction to all the most up-to-date methodologies and tools as well as current hands-on exercises using Hack The Box running the latest labs and exercises. This course is ideal for Penetration Testers as well as for Blue Team Members, who will value the knowledge in offense tactics in order to provide better defense.

This is covered:

  • Introduction to the Penetration Testing Methodologies
  • Planning a Penetration Test
  • Footprinting and Reconnaissance
  • Scanning Networks
  • Performing Vulnerability Scans
  • Exploitation Fundamentals
  • Performing Password Attacks
  • Performing Kerberos Attacks (Attacking Active Directory Domains)
  • Domain Escalation and Persistence Attacks
  • Attacking Windows Azure
  • Metasploit
  • Penetration Testing with PowerShell

GCLD – GIAC Cloud Security Essentials
This GCLD training teaches all the necessary assess-, implement- and audit defensive security controls in Azure, AWS and Google Cloud. This is the only vendor neutral security course on the market right now and therefore it is interesting for Risk Managers, Security Managers, System Administrators and Engineers in one of the major platforms.

This is covered:

  • Introduction to Cloud Security Concepts
  • Government and Legal Considerations
  • Access Controls and IAM Best Practices
  • Secure and Monitor Compute Deployment
  • Secure and Monitor Virtual Networks in the Cloud
  • Secrets Management and deploying Encryption
  • Store, encrypt and monitor sensitive data
  • Secure and Monitor Containers
  • Cloud Automation

GICSP – GIAC Industrial Cyber Security Professional
This GICSP course is relevant for anyone working with Industrial Control Systems (ICS) or SKADA Systems. It delivers a good introduction to all relevant protocol-, infrastructure- and network design best practices. This class also delivers all the required skills on how to harden and audit Linux and Windows Systems for an ICS environment, but also how to execute this against controllers, HMIs other components you will find in an industrial control systems environment.

This is covered:

  • ICS Components and Protocols
  • The Perdu Model
  • ICS Level Design and Security
  • Hardening ICS Operating Systems
  • Securing Wireless in an ICS environment
  • Attacking ICS Systems
  • Risk Based Disaster Recovery and Incident Response

Training for the GIAC Certifications
Getting ready for your GIAC Certification will require an average of 55 hours in addition to your SANS classroom training according to GIAC.

There’s no doubt that the certifications are challenging, and that significant study time and hands-on time is required. The exams are designed to measure your ability to correctly analyse and respond to situations.

That said, there are alternative options to the SANS training that will provide you with the all the required knowledge in a classroom environment and get you ready for the exams.

How Readynez GIAC training is different:

  1. Readynez provides 10% slides and 90% hands-on.
  2. Readynez maintains the course material and keep it up-to-date.
  3. Extra exam prep material. (GIAC is open book, and Readynez provides the extra that you need in order to pass the exams first time)
  4. Labs are up-to-date.
  5. Readynez offers smaller groups and more time for personal interaction

So, regardless of how you train for your GIAC Certification. Look for more hands-on, more hours of instructor-led training, updated material and smaller classes.

When you´re ready for your exam, you simple sign up for online examination via the GIAC website in an administered proctored environment.

Are your ready? See all GIAC Training here and get in touch with us directly in the chat for questions.

18. May 2021

by Maria Forsberg

Maria Forsberg

Marketing Manager

Readynez uses cookies to improve your website experience. To learn more please read our policy.

Privacy policy OK