CSSLP | Certified Secure Software Lifecycle Professional


Official ISC2® Training Seminar for the Certified Secure Software Lifecycle Professional (CSSLP®) provides a comprehensive review of the knowledge required to incorporate security practices – authentication, authorization and auditing – into each phase of the Software Development Lifecycle (SDLC), from software design and implementation to testing and deployment.

This training course will help students review and refresh their knowledge and identify areas they need to study for the CSSLP exam. Content aligns with and comprehensively covers the eight domains of the ISC2 CSSLP Common Body of Knowledge (CBK®).

Official courseware is developed by ISC2 – creator of the CSSLP CBK – to ensure your training is relevant and up to date. Our instructors are verified security experts who hold the CSSLP and have completed intensive training to teach ISC2 content.

 

Course Objectives

After completing this course, the student will be able to:

  • Discuss the core concepts of software security and the foundational principles that drive construction of resilient software.
  • Discuss the security design principles as essential elements for building secure software.
  • Discuss software security standards and frameworks, roadmaps and strategies and risk management.
  • Explain security in software development methodologies, security metrics and security culture in software development.
  • Identify and analyze software requirements pertaining to data privacy, security and compliance with laws and regulations.
  • Describe requirement specification and traceability, misuse and abuse cases and flow down of security requirements to suppliers.
  • Explain secure architecture and design elements and patterns, architectural risk assessment, threat modeling, threat intelligence and attack surface evaluation.
  • Explain security architecture and control identification, prioritization and positioning.
  • Apply secure coding practices, analyze code for security risks and implement security controls.
  • Discuss third-party code and libraries, software composition analysis and security of the build process.
  • Discuss security testing strategy plan and analyze security testing methods.
  • Discuss validation and verification, security test results and tracking security errors.
  • Describe secure software integration and deployment, security data and post-deployment security testing.
  • Recognize various security-relevant maintenance activities and discuss planning for the continuity of operations.
  • Discuss software supply chain risks and analyze security of third-party software.
  • Explain supplier security requirements in the acquisition process and support for contractual requirements.

 

Who Should Attend

This training course is intended for professionals who have at least four years of cumulative, paid work experience as a software development lifecycle professional in one or more of the eight domains of the ISC2 CSSLP CBK. The course builds on and brings together the holistic view of the topics covered in the everyday environment of an information assurance professional. Experience in the following professions will greatly enhance the learning environment:

  • Software developers
  • Engineers and architects
  • Product managers
  • Project managers
  • Software QA
  • QA testers
  • Business analysts
  • Professionals who manage these stakeholders

 

Course Domains

  • Domain 1: Secure Software Concepts
  • Domain 2: Secure Software Requirements
  • Domain 3: Secure Software Architecture and Design
  • Domain 4: Secure Software Implementation
  • Domain 5: Secure Software Testing
  • Domain 6: Secure Software Lifecycle Management
  • Domain 7: Secure Software Deployment, Operations, Maintenance
  • Domain 8: Secure Software Supply Chain

 

Course Outline

  • Module 1: Secure Software Concepts Domain
  • Module 2: Secure Software Lifecycle and Risk Management Domain
  • Module 3: Secure Software Requirements Domain
  • Module 4: Secure Software Architecture and Design Domain
  • Module 5: Secure Software Implementation Domain
  • Module 6: Secure Software Testing Domain
  • Module 7: Secure Software Deployment, Operations and Maintenance Domain
  • Module 8: Secure Software Supply Chain Domain
  • Module 9: Applied Scenario Activities

 

Download the syllabus for full details of the course content.

 

Because the vendor constantly updates course content, the content of this syllabus may differ from the one published on the official site; however, Netec will always deliver the updated version.

SKU: ISC2-CSSLP