The Certified Secure Software Lifecycle Professional (CSSLP) validates that software professionals have the expertise to incorporate security practices – authentication, authorization and auditing – into each phase of the software development lifecycle (SDLC), from software design and implementation to testing and deployment.
Candidates must have a minimum of 4 years cumulative Software Development Lifecycle (SDLC) professional experience in 1 or more of the 8 domains of the CSSLP CBK. Earning a 4-year college degree or regional equivalent will satisfy 1 year of the required experience. Education credit will only satisfy 1 year of experience.
A candidate that doesn’t have the required experience to become a CSSLP may become an Associate of (ISC)² by successfully passing the CSSLP examination. The Associate of (ISC)² will then have 5 years to earn the 4 years required experience.
1. Secure Software Concepts
2. Secure Software Requirements
3. Secure Software Design
4. Secure Software Implementation/Programming
5. Secure Software Testing
6. Secure Lifecycle Management
7. Software Deployment, Operations and Maintenance
8. Supply Chain and Software Acquisition