CSSLP - Certified Secure Software Lifecycle Professional

PLEASE NOTE: Effective July 1, 2017, the CSSLP exam will be based on a new exam outline. The professional work experience requirement for the CSSLP remains 4 years, but some of the domains and their weights have changed. Please refer to the CSSLP Exam Outline and our FAQs for details. 

Enabling the Next Generation to Build Secure Software

Attackers and researchers continue to expose new application vulnerabilities, and it's no wonder that application vulnerabilities are ranked the #1 threat to cybersecurity professionals (according to the 2015 (ISC)² Global Information Security Workforce Study). Web application security must be a priority for organizations to protect their business and reputation. For this reason, it is crucial that anyone involved in the software development lifecycle (SDLC) be knowledgeable and experienced in understanding how to build secure software.

The CSSLP certification validates software professionals have the expertise to incorporate security practices – authentication, authorization and auditing – into each phase of the SDLC, from software design and implementation to testing and deployment. CSSLPs have proven proficiency in:

  • Developing an application security program in their organization
  • Reducing production costs, application vulnerabilities and delivery delays
  • Enhancing the credibility of their organization and its development team
  • Reducing loss of revenue and reputation due to a breach resulting from insecure software

Who should obtain the CSSLP certification?

The Certified Secure Software Lifecycle Professional (CSSLP) is for everyone involved in the SDLC.  CSSLPs often hold positions such as the following: 

  • Software Architect
  • Software Engineer
  • Software Developer
  • Application Security Specialist
  • Software Program Manager
  • Quality Assurance Tester
  • Penetration Tester
  • Software Procurement Analyst
  • Project Manager
  • Security Manager
  • IT Director/Manager 

Don't have the application security experience to earn your certification? Earn your experience to become a CSSLP as an Associate of (ISC)² by successfully passing the CSSLP exam. You'll have up to 5 years to earn your experience. Find out more about becoming an associate.

Globally Recognized Proficiency in Application Security

The CSSLP draws from a comprehensive, up-to-date, global common body of knowledge that ensures software professionals have deep knowledge and understanding of how to build secure software. CSSLP tests one competence in the following 8 domains

  • Secure Software Concepts
  • Secure Software Requirements
  • Secure Software Design
  • Secure Software Implementation/Coding
  • Secure Software Testing
  • Software Acceptance
  • Software Deployment, Operations, Maintenance and Disposal
  • Supply Chain and Software Acquisition 

CSSLP Exam Information

Length of exam     4 hours
Number of questions 175
Question format Multiple choice questions
Passing grade 700 out of 1000 points
Exam Language English
Testing center Pearson Vue Testing Center
Study tools

Official (ISC)² Guide to the CSSLP CBK

Official (ISC)² training seminar

CSSLP eLearning

Interactive Flashcards

Exam outline

Download the CSSLP brochure.

 All (ISC)² certifications, except CCFP, are accredited by the American National Standards Institute (ANSI) to be in compliance with the International Organization for Standardization and International Electrotechnical Commission (ISO/IEC) 17024 Standards. Why is accreditation important when choosing a certification program? Visit the Institute for Credentialing Excellence website.

Logo CSSLP
certs chart top

 orange line

White Paper

The Need for
Improved Software Quality

Download Now  

orange line  

 

CSSLP Named #1 Tech Cert that is Paying Off by Foote Partners

csslp named #1 tech certFoote Partners found that IT professionals with certs continue to see a competitive edge in compensation. Out of the top 20 certs that Foote predicts will increase in value the first half of 2014, CSSLP is #1.

Read the article orange arrow small