Useful Tips on How to Approach the CSSLP

I’m working as a senior software engineer in Java/J2EE (Java 2 Platform, Enterprise Edition) technology. I have more than five years of experience in software development life cycle (SDLC) and more than three years in secure software development. I’m planning to do a certification in Certified Secure Software Lifecycle Professional (CSSLP), but can’t find any related material. Could you guide me to tutorials or a study guide and provide more details regarding this certification, such as registration, preparation and so on?


(ISC)2’s CSSLP is one of the few security certifications available for people involved with the software life cycle. Like the SSCP (Systems Security Certified Practitioner) and the CISSP (Certified Information Systems Security Professional), it consists of seven domains aimed specifically at software, analysis and design.

There are several study resources available, and I always recommend using more than just one.

To start, the following books can serve as good resources: The CSSLP Prep Guide: Mastering the Certified Secure Software Lifecycle Professional, by Ronald Krutz and Alexander Fry, and the Official (ISC)2 Guide to the CSSLP, by Mano Paul (due out soon).

For computer-based training, consider the CSSLP Certification Training Video Course on CD from CBT Planet. For class-based training, there are the seven-day boot camps from training providers like Firebrand as well as the 2010 CBK Review Seminars.

However, the first place to look for information on and register for the CSSLP would be (ISC)2’s own Web site.

Keep in mind that once…

Ken Wagner

