SecProve
ProfessionalVendor-neutralISO 17024GIAC / SANS· issued from US

GSOC

GIAC Security Operations Certified

SOC operations, alert triage, metrics, SOAR.

Official page at GIAC / SANS↔ Compare with another cert
Exam fee
$979
Ongoing
$0/yr AMF · 9 CPE/yr
Study time
100–180 hrs
Delivery
Online proctored
Validity
4 yrs (renewal cycle)

› Quality score

27.0 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor
How well-defined and rigorous the exam blueprint is.
Tight mapping to SANS SEC450; explicit SOC-tier objectives.
8.5/10
Practical evidence
Hands-on labs / written reports vs pure MCQ.
Open-book MCQ. No live triage exercise.
4.5/10
Currency & upkeep
How aggressively content is kept current with the field.
Refreshed alongside SEC450 every ~2 years.
8.0/10
Market recognition
How often this signal actually moves a hiring decision.
Recognised inside SANS-trained SOC programs; growing in MSSPs. [Holders: 5k, 2024-12]
6.0/10

› Market signals

public, citable inputs to the recognition score
Holders worldwide
5,000
as of 2024-12 · source

› Built for these roles

SOC Analyst (Tier 2-3)SOC ManagerSecOps Engineer

› Exam format

Open-book MCQ exam, ~75 questions over 2-3 hours, online proctored.

Passing score
70% (scaled per attempt)
Retake policy
Fee: $999 per attempt
Wait: 30d between attempts

30-day wait. SANS course bundles typically include 2 attempts.

› Recertification

36 CPE credits over four years (avg 9/yr) plus the $499 renewal fee per cycle.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

PD-WRL-003PD-WRL-001PD-WRL-004
Recognition
GlobalUSEUUK
Exam languages
en

› Core domains covered

The 3 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A10Security Operations

SOC operations, SIEM tuning, SOAR playbooks, alert triage, log analysis, runbook development.

A11Detection Engineering & Threat Hunting

SIGMA/YARA/Suricata rule writing, hypothesis-driven hunting, log deep-dives, detection gap analysis.

A7Incident Response & Forensics

IR playbooks, memory/disk/network forensics, chain of custody, malware analysis.

› Also touched

Present in the blueprint but not the primary focus — you’ll be introduced but shouldn’t expect depth.

A8Threat Intelligence

CTI lifecycle, MITRE ATT&CK, IOCs/TTPs, threat modeling (STRIDE, PASTA), STIX/TAXII.

B1AI-Powered Threat Detection

ML-based anomaly detection, UEBA, network traffic analysis, deep learning for malware.

B2AI-Driven Security Automation

SOAR + AI, automated triage, AI copilots for analysts, automated incident response.

› Prerequisites

Experience

Two-plus years of SOC experience. Typically paired with SANS SEC450.

Knowledge assumed
  • SIEM and log analysis
  • SOAR playbooks and automation
  • SOC metrics and tiered response

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (2)
GSECGIAC / SANSSecurity+CompTIA
GSOC
GIAC / SANS
Required by (0)

No certs require this one.

Recommended next (1)
GCIAGIAC / SANS

› Study materials

Curated starting points. Not exhaustive — vet each against your learning style and the current exam version.

Official guides
Practice tests
  • GIAC Practice Tests (2 included with exam)
Free / community

› Version & lifecycle

Current version
2024 SEC450 refresh
Released
2024-04

› Salary signal

SOC analyst tier 1-2, US, 2-4 years.

$95K$145K
median $115K

Robert Half Salary Guide · 2024 · US base only · p25–p75 range

› How it compares

vs
CySA+

GSOC is SANS-grade SOC analyst depth; CySA+ is the more widely-recognized CompTIA equivalent.

↔ Compare side-by-side

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain mapBrowse all certifications