Definition

CSSLP (certified secure software lifecycle professional)

Contributor(s): Madelyn Bacon

CSSLP (certified secure software lifecycle professional) is a certification from (ISC)2 that focuses on application security within the software development lifecycle (SDLC).

Launched in 2008, the CSSLP certification is designed for programmers, project managers, IT analysts or engineers involved in the SDLC. The certification's curriculum focuses on application vulnerabilities, risk and compliance issues that arise during the application development lifecycle and is broken down into eight domains:

  • Secure Software Concepts
  • Secure Software Requirements
  • Software Design
  • Secure Software Implementation/Coding
  • Secure Software Testing
  • Software Acceptance, Software Deployment
  • Operations, Maintenance and Disposal
  • Supply Chain and Software Acquisition

CSSLP is intended to help candidates validate their expertise in application security, be able to better handle application vulnerabilities and demonstrate a working knowledge of application security.

In order to be considered for the CSSLP certification, candidates must have at least four years cumulative paid full-time work experience in at least one of the eight domains of the CSSLP. Alternatively, candidates can substitute a year of this work experience with a four-year college degree in a related field.

The CSSLP exam takes four hours to complete and consists of 175 multiple choice questions. Candidate need to achieve a minimum of 700 out of 1000 points to pass the exam and gain the certification.

This was last updated in August 2015

Continue Reading About CSSLP (certified secure software lifecycle professional)

Dig Deeper on Security industry certifications

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close