CSSLP - Certified Secure Software Lifestyle Professional
$2695
5 days
Audience:
Ideal for software development and security professionals responsible for applying best practices to each phase of the SDLC – from software design and implementation to testing and deployment
Prerequisites:
To qualify for this certification, you must pass the exam and have at least four years of cumulative, paid work experience as a software development lifecycle professional in one or more of the eight domains of the (ISC)² CSSLP Common Body of Knowledge (CBK)
Description:
The Certified Secure Software Lifecycle Professional (CSSLP) validates that software professionals have the expertise to incorporate security practices – authentication, authorization and auditing – into each phase of the software development lifecycle (SDLC), from software design and implementation to testing and deployment.
Course Objectives:
After completing this course, students should have a general understanding of the following:
Discuss the core concepts of software security and the foundational principles that drive construction of resilient software.
Discuss the security design principles as essential elements for building secure software.
Discuss software security standards and frameworks, roadmaps and strategies and risk management.
Explain security in software development methodologies, security metrics and security culture in software development.
Identify and analyze software requirements pertaining to data privacy, security and compliance with laws and regulations.
Describe requirement specification and tractability, misuse and abuse cases and flow down of security requirements to supplier.
Explain secure architecture and design elements and patterns, architectural risk assessment, threat modeling, threat intelligence and attack surface evaluation.
Explain security architecture and control identification, prioritization and positioning.
Apply secure coding practices, analyze code for security risks and implement security controls.
Discuss third-party code and libraries, software composition analysis and security of the build process.
Discuss security testing strategy plan and analyze security testing methods.
Discuss validation and verification, security test results and tracking security errors.
Describe secure software integration and deployment, security data and post-deployment security testing.
Recognize various security-relevant maintenance activities and discuss planning for the continuity of operations.
Discuss software supply chain risks and analyze security of third-party software.
Explain supplier security requirements in the acquisition process and support for contractual requirements.
Scheduled Courses
Want to Take this Course on a Different Day?
LANTEC is very responsive to local client needs and unique or custom class demands. If you require a delivery date option for a class title on our schedule, please constact us. We can often accommodate countless additional courses NOT available on our public schedules, please inquire for personal assistance.