GIAC Information Security Professional (GISP)
Security Professionals that want to demonstrate they are qualified for IT systems hands-on roles with respect to security tasks. Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.
- 1355 certified analysts as of April 26, 2017
- See the GIAC website for additional details on the GISP certification.
|Software Development Security||The candidate will be able to demonstrate an understanding of the key security principles related to secure application development.|
|Security Assessment and Testing||The candidate will demonstrate the ability to design, perform, and analyze security tests|
|Identity and Access Management||The candidate will demonstrate an understanding of identity management concepts and controls including AAA, passwords, tokens, biometrics, federation, and common threats.|
|Security Engineering||The candidate will demonstrate an understanding of secure engineering architecture and implementation for systems in networked, web based, and mobile environments and mitigating common vulnerabilities.|
|Asset Security||The candidate will demonstrate an understanding of asset management and classification, including access controls, handling and retention requirements.|
|Security and Risk Management||The candidate will demonstrate and understanding of security risk management and business continuity practices, including legal and regulatory compliance, security policies, and governance principles.|
|Communications and Network Security||The candidate will demonstrate an understanding of network security, including secure architecture, network protocols, security controls and devices, and common network attacks.|
|Security Operation||The candidate will be able to demonstrate an understanding of the managerial, administrative, operational aspects of information security.|