ISC2 CSSLP : Certified Secure Software Lifecycle Professional Exam

Number of questions: 350
Last Update: Jul 15, 15
ISC2 CSSLP Exam Description and Topics

The ISC2 CSSLP: Certified Secure Software Lifecycle Professional exam is the only certification in the industry designed to ensure that security is considered throughout the entire software development lifecycle. Receiving this certification will make a candidate more valuable to their employer, certifying that they can reduce production cost, vulnerabilities and delivery delays.

There are six primary domains that will be covered on the ISC2 CSSLP exam. The first two domains are Secure Software Concepts and Secure Software Requirements. Here, a candidate will demonstrate that they are familiar with security implications and methodologies, and that they know how to capture security controls used during the requirements phase to integrate security within the process, to identify key security objectives, and to maximize software security.

The next two portions of the ISC2 CSSLP exam will be devoted to Secure Software Design and Secure Software Implementation. These will require a candidate to know how to translate security requirements into application design elements, including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.

The final two domains of the exam will include Secure Software Testing and Software Acceptance. A candidate must be familiar with integrated QA testing for security functionality and resiliency to attack, and with security implications in the software acceptance phase.