Sign In

Sign In here to pay AMFs, submit CPEs, update profile settings, review transactions, and more.



CSSLP® Professional Experience Requirements

Do you have the proper experience to earn an CSSLP certification?

You must have a minimum of four years of recent work experience in one or more of these seven domains of the CSSLP CBK®:  

  • Secure Software Concepts
    Security implications in software development  
  • Secure Software Requirements
    Capturing security requirements in the requirements gathering phase  
  • Secure Software Design
    Translating security requirements into application design elements  
  • Secure Software Implementation/Coding
    Unit testing for security functionality and resiliency to attack, and developing secure code and exploit mitigation  
  • Secure Software Testing
    Integrated QA testing for security functionality and resiliency to attack  
  • Software Acceptance
    Security implication in the software acceptance phase  
  • Software Deployment, Operations, Maintenance and Disposal
    Security issues around steady state operations and management of software  

Note: If certain circumstances apply, and with appropriate documentation, candidates are eligible to waive one year of professional experience.

Professional Experience Requirement Based on Education 

Candidates can substitute a maximum of one year of direct full-time professional work experience described above if they have a four-year college degree, or regional equivalent in Computer Science, Information Technology (IT) or related fields.