Is the ROI on GCIH worth it at any point in your career? Suggestions for alternatives that pay the same dividends as GCIH? Did SANS career services play a part in finding that desired job?

My organization paid for my SANS training which was really nice of them and decided to take the SEC504 course. Its all stuff I have done in the past but a good refresher. But I am wondering if its worth coming out of pocket to pay for the exam attempt (They wont pay for the certification attempt only for the course work).

Here are the new price increases for SANS courses with GIAC Certificates starting JUNE 1st

Specifically, the tuition increase that goes into effect for course registrations on or after June 1, 2023 will look like this: 

• Master's and Bachelor's classes with a SANS course and GIAC exam: currently $4,125 - changing to $4,500.

• Master's and Bachelor's 1-credit courses: currently $1,375 - changing to $1,500.

• Certificate classes with a SANS course and GIAC exam: currently $5,500 - changing to $5,700.

• Certificate program 1-credit courses: currently $1,375 - changing to $1,900.

• BACS 3275 and ACS 3275: currently $1,375 - changing to $1,500

• Single Class- SANS course and GIAC exam: currently $6,000 - changing to $6,500.

I am curious on how GCIH training works? Plan to take GCIH( I don't have any Sans Certifications) , but the pricing on the website is a bit confusing though. Can anyone enlighten me on GCIH exam cost, how the training works? Maybe can i do self-studies using some other resources to pass GCIH exam?

So I’m looking into my GCIH certification. I’d like to have it under my belt and my boss would like me to look into it as well. I’m employed as an Information Security Analyst right now so I’m really looking to get some better credentials to back myself and my work to get into a Senior role and more advanced roles down the line. However, everything I find on studying for it says to take the SANS course which comes at a pretty penny.

Did anyone else take this without taking the SANS course and felt comfortable taking the exam and passed? What materials did you use if you didn’t take the SANS course? My job will cover the exam cost but I don’t believe the course cost so I’m looking for other alternatives to prep. Any help is appreciated.

Looking to take the GCIH without the SANS class. I have the GCIH GIAC Certified Incident Handler All-in-One Exam Guide and various practice tests I have found online...but was hoping other folks could chime in with good resources.

I know the test is tough without the actual SANS materials so I'm trying to be as thorough as possible in my studying. If anyone has any good materials they found useful, please let me know. Thanks!

Hello,

For 2025 my job allows me $2000 for certifications including courses and practice tests. I was planning on attempting the GCIh but I was shocked to see that the course for GCIH is $9000. $1400 will get me the test and a practice exam. Does anyone know of any courses around $500 that will prep me for this exam?

I'm looking at my work supported study options for this year and tossing up whether to try and get on a SANS course.

I am wanting to expand my technical knowledge a bit and bulk the resume out a little with another cert. Something in the Intrusion Analysis/Defense space interested me, so I was thinking SEC503 and an attempt at GCIA.

However together they appear run at nearly $7000USD in cost (I swear they didn't use to be that expensive?), which works out at nearly $9000 in Australia dollars. I could maybe get half that covered by work, so would have to fork out a fair bit myself.

I know that the general consensus is that they are the current gold standard, but the cost is really off putting. Some people I know have stated they weren't blown away with the content of the SAN courses they attended.

The other two certs I can see in that space would be the CySA+ and CCNA CyberOps, neither of which appear to have anywhere near the same reputation, but for the price of the SANS course I could probably do both and do my CCNA Security and have money left over.

Does anyone have an opinion on whether SANS training is really worth it?

Hey everyone I appreciate you taking time to help!

I am trying to make a career change and was recently offered an introductory position in the cyber security field with one stipulation, GCIH is required prior to my first day. If I pass then I will be reimbursed full cost.

My question is - how much of a cyber security/IT background do you need in order to make use of Sans GCIH classroom instruction and to actually comprehend the information? Would you recommend this certification to a junior employee as their first training and exposure?

I have an EXTREMELY limited understanding of cyber security/IT/programming and from the price tag I worry that this may be a difficult introductory course. My degree is completely irrelevant to the field and I have never worked in such a technical field.

I have been trying to get myself some sans certs for years now like many others, and like many others I do not have 10k to throw around to go through their classes. I have been thinking about trying to self study or find some alternative way of getting my certs. I am specifically interested in GCIH and Cloud Security Automation.

Hey everyone,

I recently completed my Security+ certification and was looking to take my next step toward a cybersecurity career. Initially, I had my sights set on the GCIH (GIAC Certified Incident Handler) since it seems to hold strong industry value, especially for SOC roles. While CySA+ is another option, I felt that GCIH had a better reputation and would help me stand out more.

However, after looking into the costs of the practice materials and exam, I had to take a step back. The prices are in the thousands of dollars, which is just way out of my budget as a university student from India. This made me reconsider if it’s the right move for me at this stage.

My main goal is to break into cybersecurity, ideally through a SOC analyst role, since I enjoy working with incident detection, log analysis, and threat response. I’d love to hear from those who have taken the GCIH or followed alternative paths:

• Is GCIH really worth the price for someone just starting out?

• Would CySA+ or another cert (maybe a budget-friendly SANS alternative) be a better option?

• Any advice on breaking into a SOC role without high-cost certs?

Any insights would be greatly appreciated! Thanks in advance.

Thankyou to people who posted their journeys here.

My Tips:

• No need to ask for pre-made indexes, it's compulsory to make your own index in order to pass this exam. (I was also under wrong impression that I can use pre-made index, but it won't be helpful at all!) Creating index is not tuff, you just need 3 columns (keyword, summary and page number)

• Cut each of your 5 book indexes and paste outside the books. (It will help to quickly navigate to relevant items)

• While creating the index, write down each and every important keyword from the books (the commands in the images, words in italics, bold text)

• Make index for Workbook lab exercises which contains all the commands with short explanation

• Utilize "skip questions" feature in the exam, you can skip 15 questions if not sure about the answer and you can figure them out when you have time

• Cyberlive are simple if your workbook lab index is strong and organized.

I was extremely tensed because of overthinking about the cost involved and "what if failed". But whoever is going to take this exam next will be fine if done 2 times books reading, 2 times watching lab videos and gave practice exam 2 times.

Lastly, you are not alone! My mentorship is always open.

TLDR: I think it’s the best Cybersecurity program outside of major (expensive) brick and mortar universities like Carnegie Mellon.

I’ve been getting a lot of messages lately regarding the SANS ACS program. Since I just graduated from the program on Saturday, I figured I would go ahead and make a post about my SANS experience. This way future applicants or prospective applicants will have an idea of what they’re getting into.

I am NOT a paid actor lol.

First, the basics.

You should know that currently the base cost of the program is $17,875. This includes four SANS certs: GFACT, GSEC, GCIH, and one elective. The course is built to take place over a year, giving you 3 months per cert, but this can be shortened or lengthened depending on how hard you work and how much time between certs that you want.

If you’re interested in a bachelor’s they also offer that, with a final cost of like $40k. It includes a lot more courses, but also requires you to have all pre-reqs already satisfied from another college.

The ACS program is technically collegiate, so there is a GPA attached, however, the grades stem almost entirely from whatever you score on the certification.

The school does take some special scholarships, but they’re few and far between. However, they do offer an Income Share Agreement to ease the financial burden. The income share comes out to 8% of your gross pay after graduation. The ISA will only kick in once you start making more than 40k per year. The maximum gross payment for the ISA program is $22.5k (I believe).

Now that the basics are out of the way, let me tell you my experience.

The first major hurdle is pricing.

When I started the program, I was a part time helpdesk in a small IT department, when I ended the program I had just been hired on as an Associate Security Consultant at a major company. This salary jump more than paid for the cert within the year that I was taking the classes. My one year ROI is thus at about 200%. So I think the cost is entirely worth it.

SANS does have a career development center that utilizes Handshake to provide you with opportunities. In my experience, most of the businesses that come to SANS looking for workers want hardened and experienced security practitioners. So, my new job did not come from SANS. However, I can directly attribute my hiring to the certifications that I had achieved, and the help the career center had given me.

In the industry people will tell you “SANS is too expensive; just self-study comptia, it’s so much cheaper.” They are not entirely wrong. A GCIH is typically about $8K. A pretty damn hefty burden, honestly. However, in this program the price drops by about half to around $4.5k AND the cost of SANS certs will never increase past what you paid in your program. So, if in 5 years I decide I want to go purchase a GPEN course, instead of it being 8k it will only be 4.5k. This is a lifetime perk. This can potentially save you thousands across your lifetime on what is arguably the best training in the world.

Next, quality.

SANS is second to none in teaching. With this program, you can do live in-person, live online, or live on demand. I did live on-demand because I couldn’t get off work.

The books, videos, and lab environments are all world class. I have been in online schooling in one form or another since middle school, and I can easily say that this is the best there is.

EX) I the GCIH final lab, there is an entire enterprise architecture built out for you to attack. Think Hackthebox Enterprises.

Every single module (modules being about 10-20 pages a piece) of every book has a lab attached so you can get real hands on experience with the subject matter. This is critical for retention, and for actually understanding the nuts and bolts of what's going on behind the scenes.

If you have trouble studying on your own, you have access to Subject Matter Experts during business hours on all the weekdays, and can even reach out to instructors if you need further help.

Lastly, networking and community.

Being what is effectively a self-paced pure online school, you probably think that you miss out on networking. This is wrong. The SANS student slack channel is constantly filled with debate and people helping each other. Furthermore, the CTF teams at SANS are world class. They win pretty much anything they enter into. SANS will help place you in teams with people that are in your skill level and that you can compete with as a team. You’ll get to meet plenty of people if you want to. However, this is entirely optional, and not required.

Conclusion

Some of you will probably think I’m just a SANS shill, or a fanboy, and tbh I kinda am. I owe a lot of my career to them. I don’t want new guys wasting their time or money on shitty 6 month bootcamps that cost a ton, only to “prepare” you for the Sec+. That’s ridiculous. Spend the time and money and get the best training you can.

In my experience, SANS isn’t highly selective or hard to get into. I’ve never talked to anyone who wasn’t given a chance. I did go the ISA route, which they are a little more choosey about, but generally they’re happy to help you.

A lot of people also go the WGU route, and I think that’s perfectly fine. It is a lot cheaper, and does give you a host of decent comptia certs. I actually think WGU is a respectable school. I just personally believe your time and effort is better spent at SANS where you will learn from the best of the best, and will come out prepared to face the real world.

If anyone has any questions, feel free to PM me! I'm happy to talk more specifically about my experience or give some pointers on passing exams.

If you're looking to get into cyber and don't know where to start, you can also PM me, and I'll flood you with resources to help figure out a path for you.

PS. To veterans, I do believe they take the GI bill.

Hi all. So im planning to take the sec 504/ GCIH later this year through the SANS Technology Institute (its a lot easier to get my company to pay for college courses than week long certification courses and the like). That said, I have to pay up front and then ill get reimbursed IF I get an A or a B... I believe the SANS Technology Institute courses are graded by whether or not you pass the associated GIAC exam so obviously, there's going to be a lot riding on this exam for me. As such, I want to do everything in my power to pass it, and that includes doing some studying beforehand.

Does anyone have any certifications, courses, videos, or books they recommend that cover / touch on the GCIH topics?

For context, I have my CISSP, CCNA, security+, Cysa+, and pentest+ and I work in security (so im not new to this stuff).

Not saying no studying, but my uni is willing to sponsor up to $500 for certifications. I was thinking of just taking the GCIH exam for ~$1000 (minus another $500 from school sponsorship) but am worried that if I don't take the training I won't be able to pass.

Do y'all think it's possible to pass the GCIH without their training? And if so, what books / resources would be good to study?

I’ve posted this before in /Cybersecurity. I’m gathering as many pieces of resources as I can gather for this exam. Has anyone taken the self study route? If so, recommend me what you used to tackle this expensive beast.

So far I have John Strand “Offensive Countermeasures “ , Cybersecurity Incident response, and the Blue Team field manual.

Additional books I have from class: Hacker techniques, tools, and incident handling, Computer forensics.

Reasons for this jump:

To understand the incident response framework and tools. Use of majority of the probing to explain certain behaviors. To be a better analyst right off the back. I’m currently trying to transition into an associate level role.

Thank you for any advice,

Swipe

PS I do not have any of the course material. I’m going to take the test for 1900 without material just book references, home labs, and self studying.

Who has passed GCIH without taking the SANS Training? How were you able to do it? I am done with CISSP and feeling bored. I want to attempt this one.

I'd like to ask for your suggestions on what to take for my first SANS training and GIAC exam, GCIH or GCFA?

My current role is a SOC analyst and I'm already certified with CompTIA Sec+ and CompTIA CySa+. I'll be using my own money to get this training+exam and I'd like to get your suggestions what would be more valuable for my money.

I am more interested in Forensics but also seeing the syllabus for GCIH, I think I will still learn from it.