Definition:
The CSSLP is the newest certification available from the (ISC)2. It is the only certification of its kind - ensuring that security is considered throughout the entire software lifecycle. It's comprised of seven Domains created around the specific need for building security in the software lifecycle. The seven domains covered include:
- Secure Software Concepts - security implications in software development
- Secure Software Requirements - capturing security requirements in the requirements gathering phase
- Secure Software Design - translating security requirements into application design elements
- Secure Software Implementation/Coding - testing for security functionality and resiliency to attack, and developing secure code and exploit mitigation
- Secure Software Testing - testing for security functionality and resiliency to attack
- Software Acceptance - security implication in the software acceptance phase
- Software Deployment, Operations, Maintenance and Disposal - security issues around steady state operations and management of software
The first CSSLP exams will be available in June, 2009. To obtain more information about the CSSLP from (ISC)2 fill out the CSSLP information request form.