My First GIAC

 My first GIAC that I acquire is GREM or GIAC Reverse Engineering Malware. I took this exam last March 31, 2025 and passed the exam with 91% score. This course was not sponsored by my current job instead this was self-funded. You might wonder why ? No reason at all, just want to have my first GIAC cert since I have self-funded other certs like OSCP before. 

My background prior taking the exam are not that good in terms of Malware Analysis and Reverse Engineering. Although, I don't have experience with those, I did take the TCM PMRP (Practical Malware Research Professional) prior taking the course and passed that one. My experience in cybersecurity is focus on Application Security, I do perform penetration testing of Web, Mobile and APIs but never I performed Reverse Engineering before. Since I wanted to work as a reverse engineer or have a career in reverse engineering, I decided to follow a path or rather I create a path that I will work on and that is why I enrolled on the course like TCM's PMRP and GREM.

I enrolled on FOR610 course this January 3, 2025. My background with TCM's PMRP do help since I already know the basic of Malware Analysis. Although, I do acquire knowledge from PMRP, the GREMs contain some topics that were never discussed on the PMRP course. Lenny, the course instructor, really do a great job at teaching the topics. I learned a lot. By the way, this is an on-demand course which meant that it is a self paced course and I get to decide when and where I will study.

After doing the course and labs, I took my first practice test on February 2025. I did the practice test with stock knowledge thinking I could easily ace this, oh boy I was wrong. I finished the exam with 63% score 10% below the passing mark of 73%. After taking my first practice test, I realized the importance of indexing. My theoretical skills or knowledge is not good, I easily forget the meaning of something but when it comes to labs / cyberlive there were no big issues at all so my focus was creating a good index and redo everything from the beginning. After a month of reviewing and creating an index, I was able to score 81% on my second practice test which is 1 week prior my exam schedule. I feel confident now and decided that I would go take the exam even though I only score 8% higher than the passing mark. My confidence is mainly because I know that I won't have problem with Cyberlive, only with the theoretical questions. 

During the exam, the first question, a theoretical one, would make my heart sink. I mean that question is something I did not encounter on the practice exam it was way different, the only think I can think of is "Dang, I rushed the exam and have not studied enough". It took me 5-10minutes before I came up with the decision of skipping that haha. After skipping that one, I took a deep breath, calm myself and then continue with the rest of the exam. The exam is harder compare to the practice exam but like I said, cyberlive won't be a problem to me since I also make sure that I am completely familiar with the tools and  how to navigate through them. My only problem is the theoretical one, I just thought of no matter how I index, some questions are just tough. After finishing the cyberlive, I comeback to the question I skipped, I believe that I just guess those since I really don't know anymore. 

The result is 91% way higher than what I thought. I am thankful that I got this score, it was worth it. The FOR610 course is great, it taught me a lot of things I needed to be good in Malware Analysis. I am planning on being great with reverse engineering so I will continue learning whether it is enrolling on some course or reading books.