When a person obtains the Global Information Assurance Certification Forensic Examiner (GCFE) ensure that all candidates who successfully pass the exam have the knowledge, skills, and abilities required to acquire and examine evidence from digital systems to find and recover known essential artifacts to prove or disprove a fact in order to produce a formal report or presentation that could be used internally or in civil/criminal litigation.
GIAC Certified forensic analysts (GCFAs) are front line investigators during computer intrusion breaches across the enterprise. They can help identify and secure compromised systems even if the adversary uses anti-forensic techniques. Using advanced techniques such as file system timeline analysis, registry analysis, and memory inspection, GCFAs are adept at finding unknown malware, rootkits, and data that the intruders thought had eliminated from the system.
The GIAC Reverse Engineering Malware (GREM) certification is designed for technologists who protect the organization from malicious code. GREM-certified technologists possess the knowledge and skills to reverse-engineer malicious software (malware) that targets common platforms, such as Microsoft Windows and web browsers. These individuals know how to examine inner-workings of malware in the context of forensic investigations, incident response, and Windows system administration.