Get to Know the CSSLP

• Why Become a CSSLP Why Become a CSSLP

  Here are just a few reasons to earn your CSSLP certification:

  • Instant credibility. The CSSLP proves you’re a subject matter expert in application security. It shows you have desirable skills for employers around the world, giving you more opportunities.
  • Increased compensation. While pay practices vary by employer, many CSSLPs find that this software security certification can lead to pay gains and “skill premiums.”
  • Relevant, new knowledge. Earning the CSSLP is a great way to expand your security knowledge, in addition to affirming your expertise. It offers continuing education, so you can keep your skills current and relevant.
  • Versatile skills. The CSSLP isn’t product specific, so you can easily apply your skills to different technologies and methodologies.
  • A broader perspective. As a CSSLP, you have a holistic understanding of best practices, policies and procedures throughout the software development life cycle. And you have the skills to advise others on how to build secure software. This expertise can set you up for new jobs and opportunities.
  • Better protect your organization. You make software safer. You make the world safer. Simple as that. As a CSSLP, you have the power to protect your organization — and all the people counting on it to keep their sensitive data safe.
    
    

  What the Industry Is Saying About the CSSLP

  • Ranked #4 on the Certification Salary Survey 75 list with an annual salary of USD$143,150 in 2016 — Certification Magazine
  • Named one of the 8 Most In-Demand IT Security Certifications — CIO
  • Ranked #1 out of 20 Technology Certification That Are Paying Off in higher compensation — Foote Partners, ZDNet.com

  ANSI-Accredited
  The CSSLP certification is accredited by the American National Standards Institute (ANSI). This means it complies with the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 17024 Standards. Why is accreditation important when choosing a certification program? Visit the Institute for Credentialing Excellence website for details.

   
• Should You Pursue the CSSLP? Should You Pursue the CSSLP?

  When it comes to software security certifications, we know you have choices. The CSSLP is the right choice for you if you:

  • Are involved in any phase of the software development lifecycle (SDLC), and you’re responsible for application security practices.
  • Want to show initiative. You’re always looking for new ways to challenge yourself and create safer applications from desktop to cloud.
  • Want to stay on top of your craft. You need to stay current, so you can conquer new application vulnerabilities.
  • Would like to be seen as the subject matter expert on security vulnerabilities — such as with application stacks, single sign-on initiatives or webhook integrations.
  • Want to ensure that security is not an after-thought in software development.
  • Need to better engage your key stakeholders throughout application development.
  • Want to do your best to protect your organization and keep sensitive data safe.

  The CSSLP is ideal for those working in roles such as:

  • Software Architect
  • Software Engineer
  • Software Developer
  • Application Security Specialist
  • Software Program Manager
  • Quality Assurance Tester
  • Penetration Tester
  • Software Procurement Analyst
  • Project Manager
  • Security Manager
  • IT Director/Manager
• Get the CSSLP Exam Outline Get the CSSLP Exam Outline

  The exam outline is a free resource that details the major topics and subtopics within the domains that are covered on the CSSLP exam. Reviewing this outline will help you determine which topics you may feel less confident about and develop a study plan around those topics.
  
  CSSLP Exam Outline

  For a complete list of acronyms and terms you may encounter during your (ISC)² exam, reference the translated (ISC)² Certification Acronym and (ISC)² Certification Terms glossaries.

• Getting CSSLP Training That’s Right for You Getting CSSLP Training That’s Right for You

  Prepare for your CSSLP exam through a combination of training courses and individual study. And learn from (ISC)² — the creator of the CSSLP CBK!
  
  Simply choose the best training format for your schedule, needs and learning style.

  • In-Person Training Seminars
  • Online Training Seminars

  

  Classroom-Based Training

  • Ideal for hands-on learners. We offer the most thorough review of the CSSLP CBK, industry concepts and best practices.
  • Five-day training events delivered in a classroom setting. Eight hours a day.
  • Available at (ISC)² facilities and through (ISC)² Official Training Providers worldwide.
  • Led by authorized instructors.

  Get details on Classroom-Based Training.

  ---

  

  Private On-Site Training

  • A cost-effective and convenient training solution if your organization has 10 or more employees taking the exam.
  • Tailored to your team’s schedule, budget and certification requirements.
  • Conveniently taught in your office space or a local venue.
  • Led by authorized instructors

  Get details on Private On-Site Training.

  

  Instructor-Led Training

  • Participate from the convenience of your computer. This saves you travel time and expense.
  • Weekday, weekend and evening options to fit your needs.
  • Comprehensive review of the CBK, so you’re ready for this cybersecurity certification.
  • Delivered in a variety of schedules with weekday, weekend, and evening options to suit your needs.
  • Access to recordings of all course sessions for 60 days.
  • Led by authorized instructors.


  Get details on Instructor-Led Seminars. >

  ---

  CSSLP Training Course Overview

  Our training helps you fully prepare for this software security certification. You will:

  • Review and refresh your information security knowledge (including information security concepts and industry best practices).
  • Identify areas you need to study for the CSSLP exam.

  You can expect an in-depth review of the eight domains of the CSSLP CBK — including discussion of industry best practices and timely software security concepts.
  
  (ISC)² authorized instructors lead all our training. You’re learning from industry experts who understand you. They know how to make the content highly relatable. And they go through a rigorous process to teach to our CBK.
  
  Plus, we use proven adult learning techniques to reinforce topics. This approach increases how much information you retain. Our techniques are highly interactive. They focus on real-world learning activities and scenarios, so you get the most out of training.

  Self-Study Tools

  In addition to training, we offer resources to help you with self-study. Our resources include the: 

  • CSSLP CBK Guide Official (ISC)² Guide to the CSSLP CBK Textbook
    
  • CSSLP Exam Outline Exam Outline
  • CSSLP Flashcards Interactive Flashcards
• Taking Your CSSLP Exam Taking Your CSSLP Exam

  Length of exam	Up to 4 Hours
  Number of questions	175 Questions
  Question format	Multiple Choice
  Passing grade	A passing score is 700 out of 1000 points
  Exam Languages	English
  Testing Center	Pearson Vue Testing Center

   

  Ready to sign up for the exam? Visit the Pearson VUE website to create an account and book your exam.

• Maintaining or Regaining CSSLP Certification Maintaining or Regaining CSSLP Certification

  Maintaining or Regaining Your CSSLP Certification

  Once you’ve earned this software security certification, you become a member of (ISC)². You enter one of the largest communities of information security professionals in the world. You gain access to unparalleled global resources and networking.

  Quite simply, you have endless opportunities to grow and refine your craft.

  But certification is a privilege that must be earned and maintained.

  To remain in good standing with your CSSLP, you need to:

  • Abide by the (ISC)² Code of Ethics.
  • Earn and post Continuing Professional Education (CPE) credits.
  • Pay your Annual Maintenance Fee (AMF).

  Here’s a closer look at each.

  Abiding by the (ISC)² Code of Ethics
  You agree to fully support and follow the (ISC)² Code of Ethics.

  Earning and Posting CPE Credits
  Software security is constantly changing. (You know this well!) You need to earn CPE hours to stay well-rounded and keep up your expertise.

  Over the three-year CSSLP certification cycle, you must earn and post a minimum of 90 CPE credits.

  CPEs may sound like a big task. However, (ISC)² makes it easy for you to earn your CPE credits on a regular basis.

  We offer access to:

  • Live educational events around the world.
  • Online seminars that can be taken in the comfort of your home or office. They’re available exclusively to (ISC)² members.
  • And many more learning opportunities.

  Paying Annual Maintenance Fees (AMFs)
  Once you earn this software security certification, you must pay USD$100 each year of your three-year certification cycle. Your payment is due before your certification or recertification annual anniversary date.

  Your payments help ensure that (ISC)² has the financial resources to:

  • Be a functional, dynamic entity for leading information security professionals (like you) far into the future.
  • Develop more CPE opportunities.
  • Continue to meet the certification needs and requirements of information security professionals.
  • Maintain member records.

  How to Regain Membership if Your CSSLP Ceases
  If you wish to regain membership, you’ll need to:

  • Pay any outstanding AMF payments. (This needs to take place before you sit for the exam.)
  • Retake and pass the exam to become certified again.
  • Contact Member Services to reactivate your certification after you pass the exam.

  Do you have questions about maintaining your CSSLP certification? Ask Member Services.