CSSLP Certification Prep Course


Duration: 5 Days Classroom Session or 5 Days Live Online

Classroom Registration (Individual): $4295.00
Live Online Registration: $4295.00

Private Onsite Package

This course can be tailored to your needs for private, onsite delivery at your location.

Professional Credits

IIBA (CDU)

ASPE is an IIBA Endorsed Education Provider of business analysis training. Select Project Delivery courses offer IIBA continuing development units (CDU) in accordance with IIBA standards.

NASBA (CPE)

NASBA continuing professional education credits (CPE) assist Certified Public Accountants in reaching their continuing education requirements.

PMI (PDU)

Select courses offer Leadership (PDU-L), Strategic (PDU-S) and Technical PMI professional development units that vary according to certification. Technical PDUs are available in the following types: ACP, PBA, PfMP, PMP/PgMP, RMP, and SP.

Overview

This course is designed to take you through all aspects of the secure software lifecycle, incorporating planning, designing, developing, acquiring, testing, deploying, maintaining, and managing software. You will learn a series of software methodologies to develop software that is secure and resilient to attacks while meeting software requirements for compliance, quality, functionality and assurance through design principles and processes. Participants will learn programming concepts that can effectively protect software from vulnerabilities. You will gain skills to manage risk through the adoption of standards and best practices for proper development and testing, and learn to employ the tools and resources necessary to mitigate risk across the entire lifecycle of products, all while preparing for the official (ISC)2 CSSLP exam.

This course is your one source for exam preparation and includes:

  • Official (ISC)2 CSSLP Training Handbook
  • Official (ISC)2 CSSLP Flash Cards
  • CSSLP Certification Exam Voucher


This course covers the eight domains required to pass the CSSLP exam in depth:

  • Secure Software Concepts
  • Security Software Requirements
  • Secure Software Design
  • Secure Software Implementation/Coding
  • Secure Software Testing
  • Software Acceptance
  • Software Deployment, Operations, Maintenance and Disposal
  • Supply Chain and Software Acquisition

Upcoming Dates and Locations
There aren’t any public sessions currently scheduled for this course, but if you fill out the form below, we can tell you about how we can bring this course to you!

Course Outline

This program covers 8 domains in 5 days. A modular format organizes and chunks information, which helps you retain the information as you are guided through the CSSLP course materials. Each knowledge domain of the class includes one or more of the following approaches to ensure supportive learning:

  • Presentation: The facilitator will explain content to participants using PowerPoint to guide the presentation. Multiple examples will be used to clarify points.
  • Short Lecture/Discussion: The facilitator will engage participants in conversation by asking questions and encouraging them to respond. Participants will be encouraged to provide examples from their experience.
  • Group Activity: Participants work in small teams of three or four. The facilitator will debrief with the entire class at the end of the activity.
  • Individual Activity: Individuals work on their own to complete an action plan, worksheet, or evaluation.

Part 1: Secure Software Concepts

  1. Concepts of Secure Software
  2. Principles of Security Design
  3. Security Privacy
  4. Governance, Risk, and Compliance
  5. Methodologies for Software Development

Part 2: Security Software Concepts provides you with concepts related to the core software security requirements and foundational design principles as they relate to issues of privacy, governance, risk, and compliance. Understand the software methodologies needed in order to develop software that is secure and resilient to attacks.

  1. Concepts of Secure Software
  2. Principles of Security Design
  3. Security Privacy
  4. Governance, Risk, and Compliance
  5. Methodologies for Software Development

Part 3: Security Software Requirements provides you with concepts related to understanding the importance of identifying and developing software with secure requirements. You incorporate security requirements in the development of software in order to produce software that is reliable, resilient, and recoverable.

  1. Policy Decomposition
  2. Classification and Categorization
  3. Functional Requirements - Use Cases and Abuse Cases
  4. Secure Software Operational Requirements

Part 4: Secure Software Design is one of the most important phases of the Software Development Life Cycle. The Security Software Design module provides you with an understanding of how to ensure that software security requirements are included in the design of the software. You will gain knowledge of secure design principles and processes, and be exposed to different architectures and technologies for securing software.

  1. Importance of Secure Design
  2. Design Considerations
  3. The Design Process
  4. Securing Commonly Used Architectures

Part 5: Secure Software Implementation/Coding provides you with an understanding of the importance of programming concepts that can effectively protect software from vulnerabilities. Cover topics such as software coding vulnerabilities, defensive coding techniques and processes, code analysis and protection, and environmental security considerations that should be factored into the software.

  1. Fundamental Programming Concepts
  2. Code Access Security
  3. Vulnerability Databases and Lists
  4. Defensive Coding Practices and Controls
  5. Secure Software Processes

Part 6: Security Software Testing addresses issues pertaining to proper testing of software for security, including the overall strategies and plans. You will understand the different types of functional and security testing that should be performed, the criteria for testing, concepts related to impact assessment and corrective actions, and the test data lifecycle.

  1. Artifacts of Testing
  2. Testing for Secure Quality Assurance
  3. Types of Testing
  4. Impact Assessment and Corrective Action
  5. Test Data Lifecycle Management

Part 7: Software Acceptance covers requirements for software acceptance, paying specific attention to compliance, quality, functionality, and assurance. You will learn about pre- and post-release validation requirements as well as pre-deployment criteria.

  1. Software Acceptance Considerations
  2. Post-release

Part 8: Software Deployment, Operation, Maintenance, and Disposal provides you with knowledge pertaining to the deployment, operations, maintenance, and disposal of software from a secure perspective. You identify processes during installation and deployment, operations and maintenance, and disposal that can affect the ability of the software to remain reliable, resilient, and recoverable in its prescribed manner.

  1. Installation and Deployment
  2. Operations and Maintenance
  3. Disposal of Software

Part 9: Supply Chain and Software Acquisition gives you the knowledge to perform effective assessments on an organization's cyber-supply chain, and describes how security applies to the supply chain and software acquisition process. You will understand the importance of supplier sourcing and being able to validate vendor integrity, from third-party vendors to complete outsourcing. Finally, you will cover how to manage risk through the adoption of standards and best practices for proper development and testing, and learn to employ the tools and resources necessary to mitigate risk across the entire lifecycle of products.

  1. Supplier Risk Assessment
  2. Supplier Sourcing
  3. Software Development and Test
  4. Software Delivery, Operations, and Maintenance
  5. Supplier Transitioning

Who should attend

  • Software developers
  • Engineers
  • Architects
  • Software QA
  • QA testers
  • Individuals pursuing CSSLP® Certification