SANS Security Administration Domain Certification 2015 Outlook

SANS Security Administration technical training is second to none and with the information security job market booming certification numbers continue to rise across the board. The generalist GSEC credential leads the way numbers wise but it is the incident handler (GCIH) certification that is hot in the marketplace. The GCIH credential is coveted in the industry and it’s popularity is acknowledgement by the industry that incidents will happen and effective response is essential. Skilled incident response analysts are essential to modern information security organizations to help identify incidents and minimize the impact to the enterprise after they occur.

Predictions for 2015:

  • The number of GCIH certification holders continue to rise. This is a valuable credential that blends both incident response and the ability to understand hacker tools and techniques. Expect 15,000 certification holders by end of year.
  • The GICSP certification’s growth will rapidly rise in response to the increasing awareness of high impact process control related cyber security events  (German Steel and Turkish pipeline recent news) and the desire to build programs to mitigate the risks.
  • The GCED Enterprise Defender credential will experience rapid growth and be top 6 in overall numbers in this domain by 2016.
  • The GCCC certification will grow but struggle to obtain the success of the other certifications ahead of it due to being more a generalist credential focused on implementing the SANS Top 20 Controls.

All of these SANS Administration domain credentials have a base price of $1,099 (prior to any training related discounts). All of the certifications require renewal after 4 years which can be accomplished via 36 Continuing Education Credits and a renewal fee of $399. Another option to retain the certification after the four years is to retake the exam.

Here is the Security Administration domain summary table summarizing the key information for these certifications as of January 2015.

Certification NameTotal Certificates Issued as of 1/19/15# of Exam QuestionsExam Time Limit (hrs)Minimum Passing Score
GIAC Security Essentials (GSEC)15749180573%
GIAC Certified Incident Handler (GCIH)10439150472%
GIAC Certified Intrusion Analyst (GCIA)4662150467%
GIAC Penetration Tester (GPEN)3663115374%
GIAC Web Application Penetration Tester (GWAPT)229275270%
GIAC Certified Perimeter Protection Analyst (GPPA)177275269%
GIAC Certified Windows Security Administrator (GCWN)152875266%
GIAC Information Security Fundamentals (GISF)108175270%
GIAC Assessing and Auditing Wireless Networks (GAWN)88175271%
GIAC Certified Enterprise Defender (GCED)865115368%
GIAC Certified UNIX Security Administrator (GCUX)75575265%
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)51775366%
Global Industrial Cyber Security Professional (GICSP)351115369%
GIAC Mobile Device Security Analyst (GMOB)34575266%
GIAC Critical Controls Certification (GCCC)4875371%
This entry was posted in SANS Training. Bookmark the permalink.