Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
CSSLP Certification Boot Camp
Become an (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP). You'll leave this boot camp with the knowledge and expertise needed to apply best practices to each phase of the software development lifecycle from design and implementation to testing and deployment.
Infosec's CSSLP Boot camp teaches you how to incorporate security practices throughout the software development lifecycle. You'll learn key policies, procedures and best practices related to secure software development and how to incorporate them into each phase of the development lifecycle. You'll leave fully prepared to earn your CSSLP certification and prove to employers that you have the knowledge and skills necessary to implement secure software development and help mitigate cyber threats.
Course Overview
In order to obtain the CSSLP certification, you must have at least four years of professional Software Development Lifecycle (SDLC) experience and a work history reflecting direct experience in at least one of the eight domains listed in the (ISC)2 CSSLP Common Body of Knowledge (CBK). However, you can become an Associate of (ISC)2 by passing the exam without the required work experience.
Learning Objectives
- Secure software concepts Core concepts and secure design principles for controlling the behavior, use and content of the system
- Secure software requirements Capturing functional and non-functional security requirements in the requirements gathering phase
- Secure software architecture and design Translating security requirements into application design elements
- Secure software implementation Applying secure coding and testing standards and tools to avoid introducing security vulnerabilities
- Secure software testing Testing for security functionality and resiliency to attack
- Secure software lifecycle management Strengthening the overall security posture of the software
- Secure software deployment, operations, maintenance Security issues around steady-state operations and management of software
- Secure software supply chain Provides a holistic outline of the knowledge and tasks required in managing risk for outsourced development, acquisition and procurement of software and related services
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Work Roles
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.