Download Interent ExplorerDownload Apple SafariDownload OperaDownload FirefoxDownload Google Chrome

Call Us Today: 1.888.742.3214

CSSLP Certification Training

CSSLP Certification Training

CIPM Certification Training

CSSLP Certification Training:

Certified Secure Software Lifecycle Professional Training (CSSLP) Course with Hands-on Exercises (Onsite, Online, and Classroom Live)

Led by an (ISC)² authorized instructor, the following CSSLP Certification Training Workshop course is an official (ISC)² training seminar for the Certified Secure Software Lifecycle Professional (CSSLP) certification, which confirms that a software professional has the expertise to incorporate security practices into each phase of the SDLC, from software design and implementation to testing and deployment.

The training and provided Certified Secure Software Lifecycle Professional Training Workshop course material for this official (ISC)² training seminar will teach students how to build secure software. Additionally, this CSSLP Certification Training Workshop course will also help students successfully prepare for the CSSLP exam as it provides a comprehensive review of the eight domains for the CSSLP Common Body of Knowledge (CBK).

Aside from a reserved seat in an upcoming CSSLP Certification Training Workshop, the resources provided to students include (ISC)²’s official courseware and student handbook. When you combine (ISC)²’s instructor-led training with the provided course material, this Certified Secure Software Lifecycle Professional Training seminar is a great resource for those interested in passing the CSSLP exam or reviewing/refreshing their application security knowledge.

This Certified Secure Software Lifecycle Professional Training (CSSLP) course supports a certification that is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.

About the CCSLP exam

The CSSLP exam evaluates your expertise across eight security domains. Think of the domains as topics you need to master based on your professional experience and education. CSSLP Domains :

  • Secure Software Concepts (13%)
  • Secure Software Requirements (14%)
  • Secure Software Design (16%)
  • Secure Software Implementation/Programming (16%)
  • Secure Software Testing (14%)
  • Secure Lifecycle Management (10%)
  • Software Deployment, Operations, and Maintenance (9%)
  • Supply Chain and Software Acquisition (8%)

The CISSP exam contains 175 questions, the format is MCQ. The pass rate is 70%. Candidates have 4 hours to complete this exam in a Pearson Vue testing center. (ISC)² recommends candidates review exam policies and procedures prior to registering for the examination.

  • Length of exam: 4 hours
  • Number of questions: 175
  • Question format: Multiple Choice Questions
  • Passing grade: 700 out of 1000 points
  • Language: English

What’s Included

  • 5 Days of CSSLP Training from an Authorized (ISC)² Instructor
  • Official (ISC)² CSSLP Training Courseware
  • Official (ISC)² CSSLP Student Guide
  • CSSLP Certification Exam voucher
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee

Resources

Related Courses:

Audience / Target Group:

The intended audience for the CSSLP Certification training program is professionals who are involved in any phase of the software development life-cycle and those who are responsible for application security practices. Typically speaking, CSSLP is ideal for those working in roles such as, but not limited to:

  • Software Architect
  • Software Engineer
  • Software Developer
  • Application Security Specialist
  • Software Program Manager
  • Quality Assurance Tester
  • Penetration Tester
  • Software Procurement Analyst
  • Project Manager
  • Security Manager
  • IT Director/Manager

What You Will Learn

This (ISC)² authorized CSSLP training seminar is based on the eight CSSLP domains of the (ISC)² Common Body of Knowledge (CBK), ensuring students successfully prepare for the CSSLP exam and enhance their overall competencies in secure software development.

  • Domain 1: Secure Software Concepts
  • Domain 2: Secure Software Requirements
  • Domain 3: Secure Software Design
  • Domain 4: Secure Software Implementation/Programming
  • Domain 5: Secure Software Testing
  • Domain 6: Secure Software Lifecycle Management
  • Domain 7: Software Deployment, Operations, and Maintenance
  • Domain 8: Supply Chain and Software Acquisition

Course Syllabus

Domain 1: Secure Software Concepts

The first domain of our Certified Secure Software Lifecycle Professional Training (CSSLP) course covers the mechanisms that permit managers of a software system to exercise a directing or restraining influence over the behavior, use, and content of the system. These concepts permit management to specify what users can do, which resources managers can access, and what operations they can perform on a system.

CSSLP Training Objectives

  • Core Concepts
  • Security Design Principles

Domain 2: Secure Software Requirements

The Secure Software Requirements domain covers the controls used during the requirements phase of the Software Development Lifecycle to integrate security into the software development process, to identify key security objectives, and to maximize software security while minimizing disruption to plans and schedules.

CSSLP Training Objectives

  • Identify Security Requirements
  • Interpret Data Classification Requirements
  • Identify Privacy Requirements
  • Develop Misuse and Abuse Cases
  • Include Security in Software Requirement Specifications
  • Develop Security Requirement Traceability Matrix

Domain 3: Secure Software Design

This domain, Secure Software Design, addresses the definition of the overall structure of the software from a security perspective, documenting the elements of the software attack surface, conducting threat modeling, and defining specific security criteria that must be met before the software is released.

CSSLP Training Objectives

  • Perform Threat Modeling
  • Define the Security Architecture
  • Performing Secure Interface Design
  • Performing Architectural Risk Assessment
  • Modeling Security Properties and Constraints
  • Model and Classify Data
  • Evaluate and Select Reusable Secure Design
  • Perform Design Security Review
  • Design Secure Assembly Architecture for Component-Based Systems
  • Use Security Enhancing Architecture and Design Tools
  • Use Secure Design Principles and Patterns

Domain 4: Secure Software Implementation/Programming

The Secure Software Implementation/Programming domain involves the application of coding and testing standards, applying security testing tools including “fuzzing”, static-analysis code scanning tools, and conducting code reviews.

CSSLP Training Objectives

  • Follow Secure Coding Practices
  • Analyze Code for Security Vulnerabilities
  • Implement Security Controls
  • Fix Security Vulnerabilities
  • Look for Malicious Code
  • Securely Reuse Third Party Codes or Libraries
  • Securely Integrate Components
  • Apply Security during the Build Process
  • Debug Security Errors

Domain 5: Secure Software Testing

The Secure Software Testing domain refers to the phase in the secure software development lifecycle where the software is functionally complete and ready to enter user beta testing. The goal of the Secure Software Testing phase is to determine if the final software meets the requirements.

CSSLP Training Objectives

  • Develop Security Test Cases
  • Develop Security Testing Strategy and Plan
  • Identify Undocumented Functionality
  • Interpret Security Implications of Test Results
  • Classify and Track Security Errors
  • Secure Test Data
  • Develop or Obtain Security Test Data
  • Perform Verification and Validation Testing

Domain 6: Secure Lifecycle Management

Domain 6 covers the content in determining if the software is ready to deliver to customers from a security viewpoint. The domain provides an overall picture of the security posture of the software and the likelihood that it will be able to withstand the attack after the software has been released to customers.

CSSLP Training Objectives

  • Secure Configuration and Version Control
  • Establish Security Milestones
  • Choose a Secure Software Methodology
  • Identify Security Standards and Frameworks
  • Create Security Documentation
  • Develop Security Metrics
  • Decommission Software
  • Report Security Status
  • Support Governance, Risk, and Compliance (GRC)

Domain 7: Software Deployment, Operations, and Maintenance

The Software Deployment, Operations, and Maintenance domain deals with the vulnerabilities that have not been eliminated from the software as shipped as well as new attacks that would be discovered after the software has been shipped, and when software that was “secure” would be found to be vulnerable. The objective in this domain is to learn from errors and to use the information provided in vulnerability reports to help detect and eliminate further vulnerabilities before they are discovered in the field and used to put customers at risk. The problem management process also helps the product team and the security team adapt processes so that similar errors are not introduced in the future.

CSSLP Training Objectives

  • Perform Implementation Risk Analysis
  • Release Software Securely
  • Securely Store and Manage Security Data
  • Ensure Secure Installation
  • Perform Post-Deployment Security Testing
  • Obtain Security Approval to Operate
  • Perform Security Monitoring
  • Support Incident Response
  • Support Patch and Vulnerability Management
  • Support Continuity of Operations

Domain 8: Supply Chain and Software Acquisition

The last domain in this Certified Secure Software Lifecycle Professional Training (CSSLP) course, Supply Chain and Software Acquisition, provides a holistic outline of the knowledge and tasks required by a CSSLP candidate in managing risk for outsourced development, acquisition, and procurement of software and related services (e.g. Cloud Computing, Mobile Application development). This domain defines the expectations of an organization when acquiring software such that it can be assured that a product will not act maliciously, whether intended or not nor disrupt its business and result in a negative financial impact.

CSSLP Training Objectives

  • Analyze the Security of Third-Party Software
  • Verify Pedigree and Provenance
  • Provide Security Support to the Acquisition Process
CSSLP Certification Training Workshop Course Wrap-Up

Whether you are looking for general information or have a specific question about CSSLP Certification, we want to help!

Request More Information

    Time frame:

    CSSLP Certification TrainingComments are closed Permalink

    Written by

    View all posts by: