GPEN
GIAC Certified Penetration Tester
Created per CertMap methodology · Updated 12 May 2026
Overview
What is GPEN?
The GPEN certifies technical penetration testers with a focus on methodical approaches to network pentesting. It is typically based on the SANS course SEC560 and covers reconnaissance, exploitation, and post-exploitation. Unlike pure multiple-choice exams, the GPEN also includes practical CyberLive challenges, which increases its practical relevance. For professionals who already have basic networking knowledge, it is a solid entry into offensive security at an intermediate level. Compared to the OSCP, the GPEN is methodologically broader but less intensively focused on purely technical exploitation.
Quick facts
Key details
Cost, prerequisites, exam & renewal
Cost over 5 years
Prerequisites
No formal prerequisites. Associated SANS course strongly recommended.
Exam format
82 questions + CyberLive, 3 hours, open-book, proctored via Pearson VUE. Passing score: 74%.
Renewal & maintenance
Valid for 4 years. Renewal through 36 CPE credits or a renewal exam (479 USD). Each GIAC certification is renewed separately.
Classification
CertMap score and matching roles
Rating
Matching NICE roles
Mapping from NIST NICE Framework SP 800-181, status 2025.
More certifications
From GIAC
GASAE: GIAC AI Security Automation Engineer
GCFA: GIAC Certified Forensic Analyst
GCIH: GIAC Certified Incident Handler
GICSP: GIAC Global Industrial Security Professional
GOAA: GIAC Offensive AI Analyst
GSE: GIAC Security Expert
GSEC: GIAC Security Essentials Certification
In Pentesting / Red Team
CEH (EC-Council)
MAD Adv. Emulation (MITRE Engenuity)
OSCP (OffSec)
OSEP (OffSec)
PECB LEH (PECB)
PECB LPTP (PECB)
This page follows CertMap methodology: editorial content is curated by hand. Score, costs and NICE mapping are aggregated from official provider documents.
Transparency: CertMap is operated by Daniel Thomas Heessel, who is also managing director of Threat‑Informed, a company specialising in Threat‑Informed Defense. He additionally offers consulting services on CertMap. CertMap currently receives no commissions from certification providers, no affiliate links, no sponsored placements. Podcast and interview guests are not paid for appearances and receive no affiliate commissions.