Official (ISC)² Certification Training for the CSSLP

Led by an (ISC)² authorized instructor, this training seminar provides a comprehensive review of application security concepts and industry best practices, covering the 8 domains of the CSSLP Common Body of Knowledge (CBK).

• Domain 1 | Secure Software Concepts
• Domain 2 | Secure Software Requirements
• Domain 3 | Secure Software Architecture and Design
• Domain 4 | Secure Software Implementation
• Domain 5 | Secure Software Testing
• Domain 6 | Secure Software Lifecycle Management
• Domain 7 | Secure Software Deployment, Operations, Maintenance
• Domain 8 | Secure Software Supply Chain

5 Days of Official (ISC)² CSSLP Training, Led by an Authorized (ISC)² Instructor                                                       

• Official (ISC)² Student Training Guide (electronic format):
• Online Interactive Flash Cards
• 180 Days Access to Class Recordings
• CSSLP Study Group
• Education Guarantee (see below for details)

Activities Include:                                                                                

• 17 Applied Scenarios with Corresponding Activities, teaching how to apply security through the SDLC process.
• 24 Discussions, encouraging peer to peer interaction around key topics.
• 7 Content-Specific Activities
• 8 End of Chapter Quizzes, with answer explanation to assess comprehension.
• 160 Question Post Course Assessment, with answer explanation highlighting areas for further study.

The Intrinsec Added Advantage                                                                     

• CSSLP Certified Secure Software Lifecycle Professional All-in-One Exam Guide, McGraw-Hill
• Pearson VUE Exam Support
• (ISC)² Preferred Partner CPE Submission Program
• Education Guarantee (below for details)

Pearson VUE CSSLP Certification Exam Voucher can be added at checkout.  Exam voucher cost is $599 for 1 attempt and is valid for one year from purchase.

Please be Advised:  Only Official (ISC)² Training Partners can legally provide exam vouchers. Exam vouchers can only be purchased with training.

**Education Guarantee Intrinsec wants its candidates to successfully pass their certification exam and achieve their goal of earning an (ISC)² credential.  Included in your Training Seminar is the (ISC)² Education Guarantee.  If you do not pass the exam after completing our Training Seminar, you can take a second course at no cost to you (within one year of taking the initial seminar).  The Education Guarantee covers the cost of the second seminar only. You will have to pay the full price for your second attempt at the exam.

At the end of this course, learners will be able to:

• Discuss the core concepts of software security and the foundational principles that drive construction of resilient software.
• Discuss the security design principles as essential elements for building secure software.
• Discuss software security standards and frameworks, roadmaps and strategies, and risk management.
• Explain security in software development methodologies, security metrics, and security culture in software development.
• Identify and analyze software requirements pertaining to data privacy, security, and compliance with laws and regulations.
• Describe requirement specification and tractability, misuse and abuse cases, and flow down of security requirements to the supplier.
• Explain secure architecture and design elements and patterns, architectural risk assessment, threat modeling, threat intelligence, and attack surface evaluation.
• Explain security architecture and control identification, prioritization, and positioning.
• Apply secure coding practices, analyze code for security risks and implement security controls.
• Discuss third-party code and libraries, software composition analysis, and security of the build process.
• Discuss the security testing strategy plan and analyze security testing methods.
• Discuss validation and verification, security test results, and tracking security errors.
• Describe secure software integration and deployment, security data, and post-deployment security testing.
• Recognize various security-relevant maintenance activities and discuss planning for the continuity of operations.
• Discuss software supply chain risks and analyze the security of third-party software.
• Explain supplier security requirements in the acquisition process and support for contractual requirements.

Intrinsec’s Concierge Service focuses on you, providing a personalized human experience with one of our concierge representatives to ensure that you have a perfect experience from day one and beyond.

Not only will your representative reach out to you when you sign up, providing you with all the information you need, but they will also be on stand-by for any and all questions you may have.

After you have completed your class your concierge representative can provide you with relevant recommendations for upcoming events, discounts on training, and suggestions to help further your career.

The intended audience for the CSSLP training program is professionals who are involved in any phase of the software development life cycle and those who are responsible for application security practices.

Typically speaking, CSSLP is ideal for those working in roles such as, but not limited to:

• Software Architect
• Software Engineer
• Software Developer
• Application Security Specialist
• Software Program Manager
• Quality Assurance Tester
• Penetration Tester
• Software Procurement Analyst
• Project Manager
• Security Manager
• IT Director/Manager

What do I need to get my CSSLP certification?

To qualify for your CSSLP certification you will need a minimum of four years of cumulative paid work as a development lifecycle professional in least one year in one or more of the eight domains covered in the CSSLP Common Body of Knowledge (CBK).

What if I don’t yet have that experience?

Not to worry! If you don’t yet have that work experience, as you may become an Associate of (ISC)2 by passing the CSSLP exam. From there, you can work towards accumulating work experience to get your full fledged CSSLP certification!

What counts towards paid work experience?

Paid work experience can come from full-time, part-time or even internships (internships can be paid or unpaid). Each of these categories are defined as:

• Full-Time Experience: A minimum of 35 hours/week, this experience is accursed monthly, meaning 4 weeks of 35 hours or more equals one month of experience.
• Part-Time Experience: Between 20 and 34 hours/week, with the hours logged converting to full-time experience as such:
  • 1040 hours of part-time = 6 months of full-time experience
  • 2080 hours of part-time = 12 months of full-time experience
• Internships: Internship experience can be paid or unpaid to qualify. Documentation on company/organization letterhead confirming your position is required.

Is there anything else I need to get my CSSLP certification?

The last step to getting CSSLP certified is to get endorsed by others, this simply ensures that your claimed professional experience is true and that you are in good standing in the cybersecurity industry.

Have more questions? Read our Frequently Asked Questions page or simply send your questions to us directly via our Contact Us page or our Live Chat and we will be more than happy to assist with any and all questions!