Certified Secure Software Lifecycle Professional (CSSLP®) Certification Training Course
The Certified Secure Software Lifecycle Professional (CSSLP®) is an instructor-led, hands-on certification training course. It teaches the basics and best security practices in the Software Development Lifecycle (SDLC) and prepares you for the globally recognised CSSLP® Secure Software Development Certification. This course also covers proven ways to help build your career and better incorporate security practices at every stage of the SDLC. CSSLP certification recognises leading application security skills. It demonstrates to employers and peers that you have the in-depth technical skills and knowledge required to authenticate, authorise and audit across the SDLC using best practices, policies and procedures set by (ISC)² cybersecurity experts.
- To obtain this certification, you must pass an examination and have at least four years of cumulative paid work experience as a software development life cycle professional in one or more of the eight (ISC)² CSSLP Common Body of Knowledge domains.
- A relevant four-year diploma may correspond to one year of the required experience.
- A candidate who does not have the necessary experience to become a CSSLP may successfully pass the CSSLP examination and become an (ISC)² Associate while he/she gains the necessary experience.
Candidates can achieve this certification by passing the following CSSLP exam(s).
Certified Secure Software Lifecycle Professional (CSSLP®)
You can register for and attempt the certification exam within 3 months of course/module completion at the Logitrain training centre on weekdays during normal business hours (excluding public holidays).
Logitrain course material for Certified Secure Software Lifecycle Professional (CSSLP®) certification provided
- Validate your expertise in application security
- Conquer application vulnerabilities offering more value to your employer
- Demonstrate a working knowledge of application security
- Differentiate and enhance your credibility and marketability on a worldwide scale
- Affirm your commitment to continued competence in the most current best practices through (ISC)²’s Continuing Professional Education (CPE) requirements
- Software Architect
- Software Engineer
- Software Developer
- Application Security Specialist
- Software Program Manager
- Quality Assurance Tester
- Penetration Tester
- Software Procurement Analyst
- Project Manager
- Security Manager
- IT Director/Manager
- Core Concepts
- Security Design Principles
- Define Software Security Requirements
- Identify and Analyse Compliance Requirements
- Identify and Analyse Data Classification Requirements
- Identify and Analyse Privacy Requirements
- Develop Misuse and Abuse Cases
- Develop Security Requirement Traceability Matrix (STRM)
- Ensure Security Requirements Flow Down to Suppliers/Providers
- Perform Threat Modeling
- Define the Security Architecture
- Performing Secure Interface Design
- Performing Architectural Risk Assessment
- Model (Non-Functional) Security Properties and Constraints
- Model and Classify Data
- Evaluate and Select Reusable Secure Design
- Perform Security Architecture and Design Review
- Define Secure Operational Architecture (e.g., deployment topology, operational interfaces)
- Use Secure Architecture and Design Principles, Patterns, and Tools
- Adhere to Relevant Secure Coding Practices (e.g., standards, guidelines and regulations)
- Analyse Code for Security Risks
- Implement Security Controls (e.g., watchdogs, File Integrity Monitoring (FIM), anti-malware)
- Address Security Risks (e.g., remediation, mitigation, transfer, accept)
- Securely Reuse Third-Party Code or Libraries (e.g., Software Composition Analysis (SCA))
- Securely Integrate Components
- Apply Security During the Build Process
- Develop Security Test Cases
- Develop Security Testing Strategy and Plan
- Verify and Validate Documentation (e.g., installation and setup instructions, error messages, user guides, release notes)
- Identify Undocumented Functionality
- Analyse Security Implications of Test Results (e.g., impact on product management, prioritisation, break build criteria)
- Classify and Track Security Errors
- Secure Test Data
- Perform Verification and Validation Testing
- Secure Configuration and Version Control (e.g., hardware, software, documentation, interfaces, patching)
- Define Strategy and Roadmap
- Manage Security Within a Software Development Methodology
- Identify Security Standards and Frameworks
- Define and Develop Security Documentation
- Develop Security Metrics (e.g., defects per line of code, criticality level, average remediation time, complexity)
- Decommission Software
- Report Security Status (e.g., reports, dashboards, feedback loops)
- Incorporate Integrated Risk Management (IRM)
- Promote Security Culture in Software Development
- Implement Continuous Improvement (e.g., retrospective, lessons learned)
- Perform Operational Risk Analysis
- Release Software Securely
- Securely Store and Manage Security Data
- Ensure Secure Installation
- Perform Post-Deployment Security Testing
- Obtain Security Approval to Operate (e.g., risk acceptance, sign-off at appropriate level)
- Perform Information Security Continuous Monitoring (ISCM)
- Support Incident Response
- Perform Patch Management (e.g., secure release, testing)
- Perform Vulnerability Management (e.g., scanning, tracking, triaging)
- Runtime Protection (e.g., Runtime Application Self-Protection (RASP), Web Application Firewall (WAF), Address Space Layout Randomisation (ASLR))
- Support Continuity of Operations
- Integrate Service Level Objectives (SLO) and Service Level Agreements (SLA) (e.g., maintenance, performance, availability, qualified personnel)
- Implement Software Supply Chain Risk Management
- Analyse Security of Third-Party Software
- Verify Pedigree and Provenance
- Ensure Supplier Security Requirements in the Acquisition Process
- Support contractual requirements (e.g., Intellectual Property (IP) ownership, code escrow, liability, warranty, End-User License Agreement (EULA), Service Level Agreements (SLA))
Take the certification exam within 3 months of course / module completion
Take the official certification exam at Logitrain, a local VUE test centre or online
Course material in digital format is included for flexibility and ease of use
Mock test is included in the full-time courses to assist with your preparation
Our trainers are highly skilled with expertise and extensive hands-on experience
Relax, we will beat competitor’s advertised price. Our course has no extra costs
The supply of this course/package/program is governed by our terms and conditions. Please read them carefully before enrolling, as enrolment is conditional on acceptance of these terms and conditions. Proposed course dates are given, course runs subject to availability and minimum registrations.
Find out why we are the leading choice to help boost your career in Australia
“The trainer explained everything very well. Logitrain was very helpful for me in getting a better overall understanding of CCNA. I previously had studied it 2 years earlier but required revision.”
– Felice Amenta, Senior Service Management Officer at Optus, Rating: 4.8/5
“I recently followed the ITIL Foundation course at Logitrain. The training, materials and facilities were excellent and I would not hesitate to train with Logitrain again.”
– Rob Stockey, Senior Engineer at APAC, Rating: 4.8/5
“Had a blast! Great course, will be back soon to do another.”
– Justin Blackford, Systems Administrator at Gloria Jean’s Coffee, Rating: 4.8/5
“The trainer was very patient and gave everybody the opportunity to participate.”
– Tim Symonds, Solutions Architect at MSC Mobility Solutions, Rating: 4.8/5
Over 1000 organisations have relied on Logitrain to be their trusted training partner.