Too often there’s a “patch approach” to keeping software and applications safe — but not on your watch. You make sure security isn’t an after-thought.
Prove you’re an expert with the CSSLP: a global software security certification that recognizes those who have leading application security skills.
As a CSSLP, you have an internationally-recognized ability to incorporate security practices — authentication, authorization and auditing — into each phase of the software development lifecycle (SDLC). The CSSLP shows you can:
- Develop an application security program in your organization
- Reduce production costs, source code vulnerabilities and delivery delays.
- Enhance the credibility of your organization and your team.
- Reduce losses due to insecure software breaches.
Make a difference in your career starting today. Get your CSSLP.
Here are just a few reasons to earn your CSSLP certification:
- Instant credibility. The CSSLP proves you’re a subject matter expert in application security. It shows you have desirable skills for employers around the world, giving you more opportunities.
- Increased compensation. While pay practices vary by employer, many CSSLPs find that this software security certification can lead to pay gains and “skill premiums.”
- Relevant, new knowledge. Earning the CSSLP is a great way to expand your security knowledge, in addition to affirming your expertise. It offers continuing education, so you can keep your skills current and relevant.
- Versatile skills. The CSSLP isn’t product specific, so you can easily apply your skills to different technologies and methodologies.
- A broader perspective. As a CSSLP, you have a holistic understanding of best practices, policies and procedures throughout the software development life cycle. And you have the skills to advise others on how to build secure software. This expertise can set you up for new jobs and opportunities.
- Better protect your organization. You make software safer. You make the world safer. Simple as that. As a CSSLP, you have the power to protect your organization — and all the people counting on it to keep their sensitive data safe.
This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the CSSLP exam and features:
- Official (ISC)² courseware
- Taught by an authorized (ISC)² instructor
- Student handbook
- Collaboration with classmates
- Real-world learning activities and scenarios
Led by an (ISC)² authorized instructor, the Certified Secure Software Lifecycle Professional (CSSLP) validates that software professionals have the expertise to incorporate security practices – authentication, authorization and auditing – into each phase of the software development lifecycle (SDLC), from software design and implementation to testing and deployment. The broad spectrum of topics included in the CSSLP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following eight domains:
- Secure Software Concepts
- Secure Software Requirements
- Secure Software Design
- Secure Software Implementation/Programming
- Secure Software Testing
- Secure Lifecycle Management
- Software Deployment, Operations, and Maintenance
- Supply Chain and Software Acquisition
CSSLP EXAM INFORMATION
|Length of exam||4 hours|
|Number of questions||175|
|Question format||Multiple choice|
|Passing grade||700 out of 1000 points|
|Testing center||Pearson VUE Testing Centre|
|Exam cost||$599 USD|
The CSSLP is intended for those who have a minimum of 4 years cumulative paid full-time Software Development Lifecycle (SDLC) professional experience in 1 or more of the 8 domains of the CSSLP CBK. Earning a 4-year college degree or regional equivalent will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience. If you don’t have the required experience to become a CSSLP, you may become an Associate of (ISC)² by successfully passing the CSSLP examination. You will then have 5 years to earn the 4 years required experience.
The CSSLP is ideal for those working in roles such as:
- Software Architect
- Software Engineer
- Software Developer
- Application Security Specialist
- Software Program Manager
- Quality Assurance Tester
- Penetration Tester
- Software Procurement Analyst
- Project Manager
- Security Manager
- IT Director/Manager