ISC2 Certified Secure Software Life-Cycle Professional (CSSLP)
Offered By: Cybrary
Course Description
Overview
What is CSSLP?
The Certified Secure Software Lifecycle Professional (CSSLP) certification from ISC2 focuses on application security within the software development lifecycle (SDLC). This credential validates an individual’s technical skills and advanced knowledge in designing, developing, and implementing security practices in each phase of the software lifecycle.
What Does the CSSLP Training Course Cover?
The CSSLP training course covers all related aspects of secure software development. It is designed to help learners in the security industry prepare for the CSSLP certification exam and earn their credentials. The CSSLP is intended to validate candidates’ expertise in web application security, to help them mitigate web application vulnerabilities, and to show that they have a comprehensive understanding of web app security. The course consists of instruction on all eight CSSLP domains that are included in the official exam.
The CSSLP domains are as follows:
- Secure software concepts
- Secure software requirements
- Secure software implementation
- Secure software architecture and design
- Secure software lifecycle management
- Secure software testing
- Secure software deployment, maintenance, operations
- Secure software supply chain
Upon completing the CSSLP training (approximately six hours of clock time), learners will earn six CEU/CPE, as well as a Certificate of Completion for the course.
Who Should Take the CSSLP Course?
Any IT or cybersecurity professional who is involved in the SDLC will benefit from the CSSLP course; however, it is ideal for:
- Project managers
- Penetration testers
- Software developers
- Software engineers
- Software architects
- Application security specialists
Because this is an intermediate-level course, those who enroll should have previous SDLC work experience.
Why Take Certified Secure Software Lifecycle Professional Training?
All IT certifications are beneficial to the individuals who earn them. The CSSLP certification is no exception, and this training course is the first step to attaining that credential. After finishing the course, learners will be more confident about taking the official CSSLP exam, and they will enjoy the following additional benefits:
- Web application security skills – Students who take the CSSLP course will develop versatile information security skills as well as the knowledge needed to pass the certification exam.
- Career advancement opportunities – The CSSLP training and certification ensure that learners have the right skills for career advancement and promotions. Organizations are looking for information security professionals who can mitigate security risks, implement software assurances, incorporate application security controls, and implement relevant secure coding practices.
- Better earning potential – Candidates with certifications have higher earning potential than their uncertified peers, and IT and information security careers are some of the most highly paid positions worldwide.
- Respect and credibility – Certifications from ISC2 are some of the most sought-after all over the world. Certified professionals are immediately respected by peers in the industry as well as employers.
What is the CSSLP Certification Exam Like?
The CSSLP credential shows that a professional is an expert in web application security. Earning that credential requires passing an in-depth certification exam. Like other certification tests, the CSSLP exam requires that candidates have knowledge and skills in the related domains. This certification exam has 125 multiple-choice questions. Test-takers have a limit of three hours to complete the exam and must score at least 700 (out of 1,000) to pass.
To be eligible to take the CSSLP certification exam, candidates must have a minimum of four years of software development lifecycle work experience, and it must be in one or more of the eight domains included on the official exam. Candidates must also have a Bachelor’s degree in Information Technology, Computer Science, or another related field. An Associate’s degree plus work experience may be accepted.
Why Choose Cybrary for CSSLP Training?
Our Certified Secure Software Lifecycle Professional training course is the perfect way to start learning the skills you need to prepare for the CSSLP certification exam. Learners who complete the course will have a solid foundation of knowledge in the eight domains included in the CSSLP certification exam.
Cybrary has an extensive library of online IT and cybersecurity training courses, practice exams, assessment tests, and virtual environments to help learners increase their knowledge and better their careers. Whatever IT career path you choose, Cybrary can help make your journey easier. Our training courses are self-paced, so you can work on them according to your schedule, making it convenient for even the busiest professionals. Click on the Enroll Now button to get started with your CSSLP certification exam prep.
Syllabus
- CSSLP Module 01
  - Part 1 - Core Security Requirements
  - Part 2 - Tenets of Secure Architecture and Design
  - Part 3 - Trusted Computing Requirements of System Architecture
  - Part 4 - Security Models and Access Control Models
  - Part 5 - Adversaries and Review
  - Part 6 - Risk Intro
  - Part 7 - Risk Assessment
  - Part 8 - Risk Analysis
  - Part 9 - Risk Mitigation and Review
- CSSLP Module 02
  - Part 1 - Security Requirements Intro
  - Part 2 - SMART Requirements
  - Part 3 - Core Security Requirements
  - Part 4 - General Operational and Additional Requirements
  - Part 5 - Gathering Requirements
- CSSLP Module 03
  - Part 1 - Intro to Design and Reducing the Attack Surface
  - Part 2 - Threat Modeling
  - Part 3 - Risks and Controls
  - Part 4 - Development Methodologies
  - Part 5 - Common Architectures
  - Part 6 - Secure Technologies
- CSSLP Module 04
  - Part 1 - Intro to Secure Coding
  - Part 2 - Computer Architecture CPU
  - Part 3 - Memory
  - Part 4 - Why is Software Unsecure
  - Part 5 - OWASP 1 through 5
  - Part 6 - OWASP 6 through 10
  - Part 7 - Defensive Coding
- CSSLP Module 05
  - Part 1 - Quality Assurance
  - Part 2 - Testing Artifacts
  - Part 3 - Functional Testing
  - Part 4 - Non Functional Testing
  - Part 5 - Vulnerability Scans and Penetration Testing
  - Part 6 - Impact Assessment and Corrective Actions
- CSSLP Module 06
  - Part 1 - Software Acceptance Intro
  - Part 2 - Verification Validation Certification and Accreditation
- CSSLP Module 07
  - Part 1 - Introduction to Secure Installation and Deployment
  - Part 2 - Operation Security Controls
  - Part 3 - Access Control Types
  - Part 4 - Monitoring and Auditing
  - Part 5 - Incident Response
  - Part 6 - Change Management
  - Part 7 - Software and System Disposal and Conclusion
Taught by
Kelly Handerhan