Cloud Security

Certification Guide
Find the Cloud Security
Certification That’s Right for You

1 Cloud Security Certification Guide

 Master Tomorrow’s
Cloud Security
Skills, Today.
As commercial businesses and government organizations the world over
continue to embrace cloud infrastructure, it’s critical for cyber defense
professionals to understand how to secure it. Prepare for what’s certain to
be a cloud - heavy future in cybersecurity by certifying with GIAC.
GIAC Certifications covers the airwaves between foundational cloud
security concepts and more advanced topics and specialties such as
cloud - specific penetration testing and forensics as well as DevSecOps
automation.

GIAC’s Cloud Security Certifications are designed to help you master the
practical steps necessary for defending systems and applications in the
cloud against the most dangerous threats. Earning GIAC certifications
commands industry respect and validates you have the skills to ensure
cloud security at any organization.

2 Cloud
CloudSecurity
Security Certification Guide
 Why Certify with GIAC?
Research continually shows that credentialed employees are more empowered and
contribute greater value to their organization.

Benefits for the Company

Performance
The Testing Effect
82%
of organizations seek candidates with
Certifications are a critical part of
cybersecurity training. Research shows
credentials the action of testing and taking an
Source: PearsonVue 2023 and 2022 exam is shown to increase learning and
retention levels.
“I value the instant respect and credibility GIAC Studies on the Testing Effect show that
professionals receive. People know you’ve candidates recall 50% more of learned
worked hard to obtain the certification and they information by testing rather than
recognize the critical skills and knowledge that studying.
come with it.”
Ben Boyle | GWAPT, GXPN, GPEN

Benefits for Students

Personal Validation Growth Opportunity

92%
of certified candidates say they are
81%
of certified candidates have more
more confident in their abilities confidence to explore growth opportunities

Source: PearsonVue 2023 and 2022

3 Cloud Security Certification Guide

 GWEB Web Application Defender Certification
• Web application architecture, authentication and authorization vulnerabilities, and
defense and mitigation
• Proactive defense and operation security, AJAX and Web services security
• Clickjacking, DNS Rebinding, Flash, Java, SSO, and IPv6

NICE Framework Work Roles: SANS Training Course:

• Software Developer - SP-DEV-001 Software Developer - SP-DEV-001
• Secure Software Assessor - SP-DEV-002
• Information Systems Security Developer - SP-SYS-001 Get GWEB Certified
• Systems Developer - SP-SYS-002
• Research & Development Specialist - SP-TRD-001

GCSA Cloud Security Automation Certification

• Using cloud services with Secure DevOps principles, practices, and tools to build
and deliver secure infrastructure and software
• Automating configuration management, Continuous integration, continuous
delivery, and continuous monitoring
• Use of open-source tools, the Amazon Web Services toolchain, and Azure services

NICE Framework Work Roles: SANS Training Course:

• Enterprise Architect - SP-ARC-001 SEC540: Cloud Security and
• Software Developer - SP-DEV-001 DevSecOps Automation
• Information Systems Security Developer - SP-SYS-001
• Systems Developer - SP-SYS-002
Get GCSA Certified
• Research & Developmental Specialist - SP-TRD-001

4 Cloud Security Certification Guide

 GCLD Cloud Security Essentials Certification
• Evaluation of cloud service provider similarities, differences, challenges, and
opportunities
• Planning, deploying, hardening, and securing single and multi-cloud environments
• Basic cloud resource auditing, security assessment, and incident response

NICE Framework Work Roles: SANS Training Course:

• Security Architect - OPM 652 SEC488: Cloud Security Essentials
• Systems Security Analyst - OPM 461
Get GCLD Certified
• Information Systems Security Manager - OPM 722

“The amount of knowledge from the class and hands-on modules are so on
point, I keep revisiting the class materials on a weekly basis for work.”
- Beeson Cho

GPCS Public Cloud Security Certification

• Evaluation and comparison of public cloud service providers
• Auditing, hardening, and securing public cloud environments
• Introduction to multi-cloud compliance and integration

NICE Framework Work Roles: SANS Training Course:

• Security Architect - SP-ARC-002 SEC510: Public Cloud Security: AWS,
• Secure Software Assessor - SP-DEV-002 Azure, and GCP
• Security Control Assessor - SP-RSK-002
Get GPCS Certified
• Information Systems Security Developer - SP-SYS-001

5 Cloud Security Certification Guide

 NEW! GCTD Cloud Threat Detection Certification
• Detecting attacks in the cloud
• Cloud investigations and cyber threat intelligence
• Assessments and automation in AWS and Azure
NICE Framework Work Roles:
• Cyber Defense Analyst - PR-CDA-001 SANS Training Course:

• Cyber Defense Infrastructure Support Specialist - PR- SEC541: Cloud Security Attacker
INF-001 Techniques, Monitoring, and Threat
Detection
• Cyber Defense Incident Responder - PR-CIR-0001
• Adversary Emulation Specialist / Red Teamer - PR-VAM-001 Get GCTD Certified
• Threat/Warning Analyst - AN-TWA-001

GCPN Cloud Penetration Tester Certification

• Cloud penetration testing fundamentals, environment mapping, and service
discovery
• AWS and Azure Cloud Services and attacks
• Cloud-native applications with containers and CI/CD pipelines

NICE Framework Work Roles: SANS Training Course:

• Security Control Assessor - OPM 612 SEC588: Cloud Penetration Testing
• System Testing and Evaluation Specialist - OPM 671
• Vulnerability Assessment Analyst - OPM 541 Get GCPN Certified
• Pen Tester - OPM 541
• Cyber Ops Planner - OPM 332

6 Cloud Security Certification Guide

 GCFR Cloud Forensics Responder Certification
• Log generation, collection, storage, and retention in cloud environments
• Identification of malicious and anomalous activity that affect cloud resources
• Extraction of data from cloud environments for forensic investigations

NICE Framework Work Roles: SANS Training Course:

• Cyber Defense Incident Responder - OPM 531 FOR509: Enterprise Cloud Forensics
• Cyber Crime Investigator - OPM 221 and Incident Response Certification
• Law Enforcement / Counterintelligence Forensics Analyst -
OPM 211 Get GCFR Certified
• Cyber Defense Forensics Analyst - OPM 212

Get GIAC Certified Today

GIAC’s certifications are created to match the needs of both the cybersecurity
landscape and the cyber professionals practicing within it. Spanning the breadth
of infosec, GIAC offers certification across various focus areas, including offensive
operations, cyber defense, cloud security, DFIR, management, and ICS. To learn
more about GIAC Certifications, please visit: www.giac.org

www.giac.org
7 Cloud Security Certification Guide
8 Cloud Security Certification Guide