CERTIFIED SECURE SOFTWARE LIFECYCLE PROFESSIONAL (CSSLP)
The Certified Secure Software Lifecycle Professional (CSSLP) course provides in-depth knowledge and practical skills required to integrate security throughout the entire software development lifecycle (SDLC). The certification is awarded by ISC2 and is globally recognized for professionals responsible for designing, developing, testing, deploying, and maintaining secure software systems. CSSLP emphasizes preventive security, ensuring that vulnerabilities are identified and mitigated early in the development process rather than after deployment. The course covers secure requirements, architecture, coding practices, testing, deployment, maintenance, and governance. Successful completion prepares participants for the CSSLP certification examination and roles in application security, DevSecOps, and secure software engineering. Course Objectives By the end of this course, learners will be able to: Integrate security into all phases of the software lifecycle Define secure software requirements and design principles Apply secure coding standards and best practices Identify and remediate software vulnerabilities Implement secure testing and validation techniques Secure software deployment, operations, and maintenance Align secure development with governance and compliance Prepare for the CSSLP certification examination
Course Curriculum
1
- Secure software principles
- Software vulnerabilities and threats
- Secure SDLC models
- Risk-based software security
2
- Security requirements gathering
- Threat modeling fundamentals
- Abuse and misuse cases
- Regulatory and compliance considerations
3
- Secure design principles
- Architecture risk analysis
- Secure patterns and frameworks
- Third-party and component security
4
- Secure coding standards
- Common coding vulnerabilities
- Input validation and error handling
- Secure use of APIs and libraries
5
- Security testing methodologies
- Static and dynamic analysis
- Penetration testing concepts
- Managing vulnerabilities and defects
6
- Secure configuration and deployment
- Change and release management
- Patch management
- Monitoring and incident response for applications
7
- Governance of secure development
- Metrics and performance measurement
- Secure DevOps and automation
- Continuous improvement in application security
8
- Software supply chain risks
- Open-source and third-party software security
- Code integrity and provenance
- Assurance and trust models
9
- Instructor-led professional training
- Secure coding and application security labs
- Case studies and SDLC security scenarios
10
- Application security engineers
- Software developers and architects
- DevSecOps and DevOps professionals
- Secure SDLC and quality assurance leads
- Cybersecurity professionals focusing on application security
- Professionals preparing for the CSSLP certification
11
- No prerequisite to sit for the exam
- At least four years of cumulative, paid work experience in one or more CSSLP domains is required for certification award (per ISC2 requirements; waivers may apply)
12
- Domain-based quizzes and evaluations
- Secure development and testing exercises
- Mock CSSLP examinations
- Final assessment aligned with the CSSLP exam
13
Successful candidates earn the Certified Secure Software Lifecycle Professional (CSSLP) designation, validating expertise in secure software development and application security governance.
This course includes
- 13+ Activity Modules
- 40 hours + lessons
- Lifetime access
- Certificate of completion
- Available on desktop and mobile
Some of Our Partners
