- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
select a course
- Vendor Events
- Hotel & Travel Info
- General Info
- Faculty
- Vendor Expo
- Special Events
- SANS @Night
- Brochure (PDF)
SANS training is like a catalyst. It not only boosts your knowledge but also inspires you to learn more.
-Tan Koon Yaw, IDA
Click for Calendar of Events
GIAC Secure Software Programmer (GSSP) Certification Exam
The GIAC Secure Software Programmer (GSSP) Certification Exam was developed in a joint effort involving the SANS Institute, CERT/CC, several US government agencies, and leading companies in the US, Japan, India, and Germany. These exams are an essential response to the rapidly increasing number of targeted attacks that are focusing on application vulnerabilities. They help organizations meet four objectives:
- Identify shortfalls in security knowledge of in-house programmers and help those individuals close the gaps.
- Ensure outsourced programmers have adequate secure coding skills.
- Select new employees who will not need remedial training in secure programming.
- Ensure each major development project has at least one person with advanced secure programming skills.
- GSSP Overview:
Programmers can demonstrate that they know the common security flaws found in Java and C programming, and how to avoid the problems, by passing the new GSSP exams.
Blueprints for the exams are located at the following links:
Sample tests and a complete description of the Secure Coding Initiative can be found at http://www.sans-ssi.org
Future Exam Dates
- GSSP - GIAC Secure Software Programmer - C Exam
- June 5, 2008, 9:00am - 3:00pm - London, GB
- June 8, 2008, 9:00am - 3:00pm - Las Vegas, NV
- July 23, 2008, 9:00am - 3:00pm - Washington, DC
- GSSP - GIAC Secure Software Programmer - Java/J2EE Exam
- June 5, 2008, 9:00am - 3:00pm - London, GB
- June 8, 2008, 9:00am - 3:00pm - Las Vegas, NV
- July 23, 2008, 9:00am - 3:00pm - Washington, DC
Click on Calendar of Events for additional information and to Register for a specific test.
The GIAC Secure Software Programmer (GSSP) Certification Exam is a proctored and timed test. You will be required to present a photo id to collect your exam materials and to gain access to the exam room. You will not be allowed to bring any resource materials or electronic devices, including laptops, PDAs and cell phones.
Materials you will need to bring to the test:
You must bring a government-issued photo identification with signature to the examination site.
Acceptable forms of identification include:
- driver's licenses
- passports
- other government-issued identification cards
Unacceptable forms of identification include:
- gym memberships
- warehouse memberships
- school identification cards
- credit cards
- identification with signature only (no photo)
You will be provided with pencils, scratch paper, an answer sheet, and the test booklet. None of these items may be removed from the test room.
Examination Rules
The SANS Institute industry standard testing rules as outlined below.
- Exam Security and Protocol
- No books, papers, or other reference materials may be taken into the examination room.
- No electronic devices, including telephones, laptops, cameras, signaling devices, pagers, alarms, personal calculators, and recording/playback devices (including iPods and mp3 players) of any kind may be taken into the examination room. Do not bring these items with you to the testing center.
- Earplugs for sound suppression are allowed.
- Candidates must vacate the testing area after completion of the exam.
- Food and drink are allowed only in the designated area.
- Candidates may not be accompanied by any other individual (this includes, but is not limited to, parents, children, spouses, friends, and pets other than service animals).
- Candidates may not take examination materials, documents, or memoranda of any type from the test room and all examination materials must be turned in and accounted for before leaving the test room.
- Candidates must not discuss or share reference materials or any other examination information with any candidate during the entire examination period. Candidates are particularly cautioned not to do so after they have completed the exam and checked out of the test room.
- Under no circumstances will any portion of the exam be copied.
- No questions concerning the content of the examination may be asked during the examination period. You should listen carefully to the directions given by the proctor.
- The examination will be given only on the date and time noted on the examination admission ticket.
- Dress is business casual.
- While the site climates are controlled to the extent possible, be prepared for either warm or cool temperatures.
- Reference Material Candidates writing on anything other than examination materials distributed by the proctors will be in violation of the security policies. Reference materials are not allowed in the test room. Candidates are asked to bring as few personal items as possible.
- Exam Response Information Answer sheets must be completed with your name and other required information. The answer sheet must be used to record ALL answers. Upon completion, you are to wait for the proctor to collect your examination materials. Answers marked in the test booklet will not be counted or graded. Additional time will not be allowed to transfer answers from the test booklet to the answer sheet.
Examination Scoring
Examination results will be mailed via US mail six (6) weeks after your test date. The results will contain the actual score received, a score for each major exam category, as well as a pass/fail designation. Please note that results will not be given out over the telephone, through e-mail, or by fax.
Certification
Those who gain passing scores at the foundation level will earn the GIAC Secure Software Programmer (GSSP) certification. A designation will follow the letters reflecting the language in which the certification was earned. For example, a programmer who passes the Java exam would receive the GSSP-J designation.
The GSSP certification will be valid for four years. You will become eligible to apply for re-certification one (1) year prior to your certification expiration. You must register for recertification before your certification expiration date. To re-certify, you must pass the current examination being used for initial certification.