AssociateVendor-neutralISO 17024GIAC / SANS· issued from US

GSEC

GIAC Security Essentials

Broad defender fundamentals. Often paired with SANS SEC401.

Official page at GIAC / SANS ↔ Compare with another cert

Exam fee

$979

Ongoing

$0/yr AMF · 9 CPE/yr

Study time

100–200 hrs

Delivery

Online proctored

Validity

4 yrs (renewal cycle)

› Quality score

27.5 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor

How well-defined and rigorous the exam blueprint is.

Open-book exam mapped tightly to SANS SEC401 — granular blueprint.

8.5/10

Practical evidence

Hands-on labs / written reports vs pure MCQ.

Open-book MCQ rewards comprehension over memorisation; some performance items recently added.

4.0/10

Currency & upkeep

How aggressively content is kept current with the field.

Refreshed alongside SANS SEC401 every ~2 years.

8.5/10

Market recognition

How often this signal actually moves a hiring decision.

Strong inside SANS-trained orgs and DoD; less universal than CompTIA Sec+. [Holders: 30k, 2024-12] [DoD 8140 listed]

6.5/10

› Market signals

public, citable inputs to the recognition score

Holders worldwide

30,000

as of 2024-12 · source

DoD 8140 baseline

Listed

IAT-II

› Built for these roles

SANS-trained generalistDoD 8570 IAT-II checkboxMid-career security engineer

› Exam format

Open-book MCQ exam, 106-180 questions over 4-5 hours, online proctored. SANS practice tests strongly recommended.

Passing score

73% (scaled per attempt)

Retake policy

Fee: $999 per attempt

Wait: 30d between attempts

$999 retake. 30-day wait between attempts.

› Recertification

36 CPE credits over the four-year cycle (avg 9/yr) plus the $499 renewal fee paid once per cycle. Higher-tier GIAC cert auto-renews.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

PD-WRL-001IO-WRL-001DD-WRL-004

Recognition

GlobalUSEUUK

Exam languages

› Core domains covered

The 4 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A2Network Security

Firewalls, IDS/IPS, network segmentation, DNS security, SD-WAN, VPN, traffic analysis, wireless security.

A10Security Operations

SOC operations, SIEM tuning, SOAR playbooks, alert triage, log analysis, runbook development.

A15Cryptography

Symmetric/asymmetric, PKI, TLS/SSL, hashing, post-quantum cryptography, key management.

A6Identity & Access Management

AuthN/AuthZ, SSO, MFA, PAM, RBAC/ABAC, identity governance, FIDO2/passkeys, plus non-human identity: service accounts, workload identity, agent / plugin identities.

› Also touched

Present in the blueprint but not the primary focus — you’ll be introduced but shouldn’t expect depth.

A4Application Security

OWASP Top 10, secure SDLC, SAST/DAST/IAST, API security, code review, DevSecOps.

A3Zero Trust Architecture

Zero trust principles, micro-segmentation, NIST SP 800-207, ZTNA, continuous verification, BeyondCorp.

A12Data Security, Privacy & Protection

Data classification, encryption-at-rest/in-transit, DLP, tokenization, privacy-by-design, plus the regulatory stack (GDPR, CCPA, HIPAA) that sets the bar.