(ISC)²® Certified Secure Software Lifecycle Professional (CSSLP®) CBK® Education Program
This course will help you advance your software development expertise by ensuring you're properly prepared to take on the constantly evolving vulnerabilities exposed in the SDLC. It will train you on every phase of the software lifecycle detailing security measures and best practices for each phase. The CSSLP® Education Program is for all the stakeholders involved in software development. By taking this course, not only will you enhance your ability to develop software with more assurance you will understand how to build security within each phase of the software lifecycle.
The comprehensive (ISC)2 CSSLP® CBK® Education program covers the following domains:
- Secure Software Concepts - know what constitutes secure software and what design aspects to take into consideration to architect hack-resilient software.
- Secure Software Requirements - capturing all of the security requirements from various stakeholders and understanding the sources and processes needed to ensure a more effective design.
- Secure Software Design - secure design elements, software architecture, secure design review, and conduct threat modeling.
- Secure Software Implementation/Coding - secure coding practices, vulnerabilities to look for, and how to review the code to ensure that there are no errors in the code or security controls.
- Secure Software Testing - integrated software testing for security functionality, reliability, resiliency to attack, and recoverability.
- Software Acceptance - security implications in the software acceptance phase including completion criteria, risk acceptance and documentation, Common Criteria and methods of independent testing.
- Software Deployment, Operations, Maintenance and Disposal security issues around steady state operations and management of software. Security measures that must be taken when a product reaches its end of life.
- Supply Chain and Software Acquisition provides a holistic outline of the knowledge and tasks required in managing risk for outsourced development, acquisition, and procurement of software and related services.
Please note that the price of tuition does NOT include the CSSLP® exam.
SANS Hosted are a series of classes presented by other educational providers to complement your needs for training outside of our current course offerings.
|Who Should Attend|
|About Course Provider|
(ISC)2 is the largest not-for-profit membership body of certified information security professionals worldwide, with over 70,000 members in more than 135 countries. Globally recognized as the Gold Standard, (ISC)2 issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), Certified Authorization Professional (CAP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)2's certifications are among the first information technology credentials to meet the requirements of ANSI/ISO/IEC Standard 17024. (ISC)2offers education programs and services based on its CBK®, a compendium of information security topics. For more information, visit the (ISC)2 web site.
Take your learning beyond the classroom. Explore our site network for additional resources related to this course's subject matter.
*CPE/CMU credits not offered for the SelfStudy delivery method