GIAC

GIAC (https://www.giac.org/) is an institute focused on offering security certifications and training. They have different types of training: online, on-demand, and face-to-face. In my opinion, the most valuable is face-to-face, because the material is the same in all cases, but the experience offered by the professionals who teach the course makes a difference.

There are a lot of offerings, but there are some specific courses that can be used by a bug bounty hunter in order to acquire knowledge. I recommend checking out the following certifications:

  • Penetration Tester (GPEN): Although penetration testing is more related to network assessments, there are some bug bounties that include network targets or sometimes open programs include infrastructure analysis in their scope. Training in penetration testing is useful to create a solid basis for being a bug bounty hunter; here, you can learn how the most important technologies work and the basics of application security.
  • Web Application Penetration Tester (GWAPT): This is perhaps the most relevant course from the bug bounty hunter perspective. Here, you will learn all about web application security, the SANS methodology, and how to go further with exploitation during a web application assessment.
  • Exploit Researcher and Advanced Penetration Tester (GXPN): This is a specialized course for penetration testers who want to acquire more advanced skills in exploit writing, reversing, and post-exploitation techniques. It is not so relevant from the bug bounty hunter perspective, but it is interesting if you want to participate in the most advanced programs, such as Zerodium or ZDI.
