upto 50% Off Upgrade your Skills with our Special Offers! JOIN NOW X
Staffing solutions Membership Blog Career Testimonials Gallery Contact us
1800-843-7890 (India) sales@infosectrain.com

Certified Secure Software Lifecycle Professional (CSSLP)
12K+ Satisfied learners Read Reviews

Software development is no longer just coding. It also involves creating secure code to seal vulnerabilities. The CSSLP certification from (ISC)2 is ideal for software professionals and security professionals to apply best practices to every phase of the ‘Software Development Lifecycle’. The CSSLP certification shows that you have the advanced skills needed to design, develop and implement security practices within each phase of the SDLC.

Course Highlights

  • 40hrs of instructor-led training
  • Recorded sessions
  • Technical Support Post Training
  • Certified & Experienced Trainers

Accredited By

Choose your Preferred Learning Mode

ON DEMAND TRAINING

Learn on Your Own Time
1-to-1 learning
Customized Solutions

Contact US

ONLINE TRAINING

Flexibility, Convenience & Time Saving
More Effective
Learning Cost Savings

Classes starting from

5th Sep: Weekend

15th Sep: Weekday

ENROLL NOW Preferred

CORPORATE TRAINING

Anytime, Anywhere – Across The Globe
Hire A Trainer
At Your Own Pace
Customized Corporate Training

Contact US For Business

Looking for a customized training?

REQUEST A BATCH

Course Description

Overview
The CSSLP course from InfoSec Train is spread out and covers all eight domains of the CSSLP certification. With 40 hrs of expert training by certified and experienced trainers and access to recorded sessions, the CSSLP training from InfoSec Train easily stands out in the industry.
Why CSSLP course from InfoSec Train?
The CSSLP training from InfoSec Train is the best in the industry. Here are some compelling reasons to enroll for Infosec Train’s CSSLP Training Course:

  • Chapters are structured in an easy and understandable way
  • All training is provided with engaging content and recordings are provided thereafter
  • Trainers are the best in the industry with the CSSLP certification along with other Information security certifications.
  • Trainers have several years of experience in the Information security industry as well as in the training industry
  • Excellent guidance for clearing the certification exam

Target Audience

  • Application Security Specialist
  • IT Director/Manager
  • Penetration Tester
  • Project Manager
  • Quality Assurance Tester
  • Security Manager
  • Software Architect
  • Software Developer
  • Software Engineer
  • Software Procurement Analyst
  • Software Program Manager

Pre-Requisite

A candidate who is planning to take the CSSLP exam should have 4 or more years of SDLC (Software Development Lifecycle Experience) experience in one or more of the eight domains of the CSSLP CBK.  They can also attempt the exam if they have 3 years of SDLC experience in one or more domains of the CSSLP CBK along with a 4-year Baccalaureate degree in Computer Science or related fields.

Exam Information

  • Duration : 3 hours
  • Number of questions: 125 questions
  • Question format: Multiple choice
  • Pass score: 700 out of 1000
1800-843-7890 (India)
Call Now

GET A FREE DEMO CLASS

For
Captcha*
5 + 89 =

Course Objectives

After completion of the course, you will feel more confident to appear for the CSSLP exam.

Course Benefits

  • Career advancement
    The CSSLP course and certification ensure that you advance in your career with the right skills and technical expertise.
  • Versatile skills
    You will be equipped with versatile skills in your InfoSec artillery after doing the CSSLP course from InfoSec Train and getting the certification.
  • Better salaries
    Upon completion of the course and earning the certification, you will stand to get a better salary.  On average, (ISC)2 members report earning 35% more than non-members (THE ULTIMATE GUIDE TO THE CSSLP )
  • Respect from peers
    Getting respect from peers in the InfoSec industry is one of the best perks of doing the CSSLP course from InfoSec Train and getting the certification.

Course Content

The course covers the details related to all eight domains of the CSSLP exam, namely

1 .Secure Software Concepts

  • Core Concepts
  • Security Design Principles

2. Secure Software Requirements

  • Define Software Security Requirements
  • Identify and Analyze Compliance Requirements
  • Identify and Analyze Data Classification Requirements
  • Identify and Analyze Privacy Requirements
  • Develop Misuse and Abuse Cases
  • Develop Security Requirement Traceability Matrix (STRM)
  • Ensure Security Requirements Flow Down to Suppliers/Provider

3. Secure Software Architecture and Design

  • Perform Threat Modeling
  • Define the Security Architecture
  • Performing Secure Interface Design
  • Performing Architectural Risk Assessment
  • Model (Non-Functional) Security Properties and Constraints
  • Model and Classify Data
  • Evaluate and Select Reusable Secure Design
  • Perform Security Architecture and Design Review 3.9
  • Define Secure Operational Architecture (e.g., deployment topology, operational interfaces)
  • Use Secure Architecture and Design Principles, Patterns, and Tools

4. Secure Software Implementation

  • Adhere to Relevant Secure Coding Practices (e.g., standards, guidelines and regulations)
  • Analyze Code for Security Risks
  • Implement Security Controls (e.g., watchdogs, File Integrity Monitoring (FIM), anti-malware)
  • Address Security Risks (e.g. remediation, mitigation, transfer, accept) Securely Reuse Third-Party Code or Libraries (e.g., Software Composition Analysis (SCA))
  • Securely Integrate Components
  • Apply Security During the Build Process

5. Secure Software Testing

  • Develop Security Test Cases
  • Develop Security Testing Strategy and Plan
  • Verify and Validate Documentation (e.g., installation and setup instructions, error messages, user guides, release notes)
  • Identify Undocumented Functionality
  • Analyze Security Implications of Test Results (e.g., impact on product management, prioritization, break build criteria)
  • Classify and Track Security Errors
  • Secure Test Data
  • Perform Verification and Validation Testing

6. Secure Software Lifecycle Management

  • Secure Configuration and Version Control (e.g., hardware, software, documentation, interfaces, patching)
  • Define Strategy and Roadmap
  • Manage Security Within a Software Development Methodology
  • Identify Security Standards and Frameworks
  • Define and Develop Security Documentation
  • Develop Security Metrics (e.g., defects per line of code, criticality level, average remediation time, complexity)
  • Decommission Software
  • Report Security Status (e.g., reports, dashboards, feedback loops)
  • Incorporate Integrated Risk Management (IRM)
  • Promote Security Culture in Software Development
  • Implement Continuous Improvement (e.g., retrospective, lessons learned)

7. Secure Software Deployment, Operations, Maintenance

  • Perform Operational Risk Analysis
  • Release Software Securely
  • Securely Store and Manage Security Data
  • Ensure Secure Installation
  • Perform Post-Deployment Security Testing
  • Obtain Security Approval to Operate (e.g., risk acceptance, sign-off at appropriate level)
  • Perform Information Security Continuous Monitoring (ISCM)
  • Support Incident Response
  • Perform Patch Management (e.g. secure release, testing)
  • Perform Vulnerability Management (e.g., scanning, tracking, triaging)
  • Runtime Protection (e.g., Runtime Application Self-Protection (RASP), Web Application Firewall (WAF), Address Space Layout Randomization (ASLR))
  • Support Continuity of Operations
  • Integrate Service Level Objectives (SLO) and Service Level Agreements (SLA) (e.g., maintenance, performance, availability, qualified personnel)

8. Secure Software Supply Chain

  • Implement Software Supply Chain Risk Management
  • Analyze Security of Third-Party Software
  • Verify Pedigree and Provenance
  • Ensure Supplier Security Requirements in the Acquisition Process
  • Support contractual requirements (e.g., Intellectual Property (IP) ownership, code escrow, liability, warranty, End-User License Agreement (EULA), Service Level Agreements (SLA))

Need customized curriculum? Talk to Advisor

Related Courses

Cloud Security Expert (SCS-C01, AZ – 500 & CCSP) Training
Explore
Information Security Management – (CISSP + CISM)
Explore
Information Security Auditor – (CISSP + CISA)
Explore
Enterprise Security Governance – Combo of CISSP & CCSP
Explore

Our Course Advisor

Prabh Nair

Prabh Nair

CISSP | CCSP | CSSLP | CRISC | CISM | CISA | AWS Sec | AZ 500

Certified Security specialist having several years of experience in Information Security across all domains including application security, vulnerability assessment, ethical hacking, pen testing and IT risk and compliance and more

Here is What people are saying about InfosecTrain

Mohammed I
USA

I took his infosectrain class. He is a very good Security expert and has lots of industry & training experience. He is very punctual about the class timing and explained everything and put extra time if some for slow students.

Sudharsun
India

I would like to thank Trainer for the enhanced training provided for my course preparation.He has extensive knowledge in this topic a constant motivator and a brilliant person.

Munish
India

The way he teaches, the way he clears concepts.. you can feel the difference. Trainer dropped down to my level of understanding and then pulled me up! That is not what a “just teacher” does.

Benefits You Will Access Why Infosec Train

Certified & Experienced Instructors
Post Training Support
Tailor Made Training
Flexible Schedule
Access to the Recorded Sessions

FAQs

1. I do not have the required number of years of experience for the CSSLP certification. Can I still attempt it?
If you don’t have the required experience to become a CSSLP, you may become an Associate of (ISC)² by successfully passing the CSSLP examination. You will then have five years to earn the four years required experience. (Certified Secure Software Lifecycle Professional – Certification Exam Outline)
2. What language is the CSSLP exam available in?
As of today, the exam is only available in English
3. After I get certified CSSLP, how soon should I complete the endorsement process?
All candidates who pass the CSSLP exam must complete the endorsement process within a period of nine months.
4. How often do I have to recertify CSSLP?
You need to recertify every 3 years.
5. How do I recertify CSSLP?
Recertification is done by earning CPE(Continuing Professional Education) credits and paying the AMF or the ‘Annual Maintenance Fee’ to support the development of (ISC)2

Latest Blog Posts

What is CSSLP Certification? Everything You Need To Know

Old CSSLP vs New CSSLP Certification

eBook : CIRRUS – 8000 Ft. of CCSP course

The Details You Would Like To Know About Information Security Manager
TOP
Toll Free - 1800-843-7890 (India)
+1 657-722-11127 (USA)
+44 7451 208413 (UK)
sales@infosectrain.com

Company

Quick Link

Top Courses

CISSP | CISM | CISA | CCSP | ISO 27001 LA | CYSA+ | CEH v11 | Security+ (SY0-601 ) | Pentest + | Sailpoint IdentityIQ CRISC | AWS Solution Architect | AZ-104 | AZ-304 | AZ-303 | AZ-500 | Capture the Flag (CTF) | Advanced Penetration Testing | Cloud Security Expert | Cloud Architect Expert | AWS Combo Course | Azure Security Combo | SOC Analyst | QRadar SIEM | CCSK | CCISO |

Get Newsletter

DMCA.com Protection Status
All rights reserved. © 2021, Infosec Train
Drop us a Query | Join Webinars | Training Calendar