CSSLP ®

FOR PROFESSIONALS
EDUCATION PROGRAM

(ISC)2® CSSLP® CBK® Education Program


Be a leader in security throughout the Software Development Lifecycle (SDLC). (ISC)2’s
Official 5-day CSSLP CBK Education Program is your exclusive way to learn security best
practices and industry standards for the software lifecycle - critical information to a
Certified Secure Software Lifecycle Professional (CSSLP). Through this program you will gain
knowledge and learn best practices on how security should be built into each phase of the
software lifecycle. It will also detail security measures that need to take place beginning with the
requirement phase, through software specification and design, all the way through software testing
and ultimate disposal. This will ensure you’re properly prepared to take on a barrage of constantly
evolving vulnerabilities exposed in software development.

The CSSLP CBK® contains the largest, most comprehensive, collection of best practices, policies,
and procedures, to ensure a security initiative across all phases of application development,
regardless of methodology.

Official (ISC)2 CBK Education Seminars are available throughout the world at (ISC)2 facilities
and through (ISC)2 Authorized Education Affiliates. Class curriculum is created by CSSLP subject
matter experts and conducted by only (ISC)2 Authorized Instructors, each of whom is up-to-date
on the latest software security developments and is an expert in the CSSLP domains.

(ISC)2 Live OnLine – Register now for the real time CSSLP CBK Education program
that is delivered synchronously over the Internet. From the convenience of your
computer anywhere in the world, you will benefit from an instructor facilitating the
course, immediately addressing questions, fostering interaction and participation,
and providing direct lab and exercise feedback. Even more helpful, sessions are
recorded and may be replayed for review.

The course material, covering the seven CSSLP domains of the CBK, is designed
to reflect the latest software security issues, concerns, and countermeasures.

Live OnLine – Virtual Education Now Available!

“The instructor was a world-class expert who made the course
an extremely valuable experience for me. As a systems engineer,
who is not a hands-on software developer, but who must know
how to develop secure software-intensive systems, this
course was just what I needed. There is a great
need to get this knowledge out to practicing
information-system engineers, and the CSSLP
approach is the right way to do it.”

- Bob Jacobs
Senior Systems Engineer
Computer Systems Center Inc.
An intense program, (ISC)2®’s Official CSSLP® CBK® Education Seminar teaches
tools and processes on how to build security into each phase of the
software lifecycle.

You’ll get an in-depth breakdown of the CSSLP Domains, while
identifying key study areas, including:
• 100% up-to-date material
• contributions from CSSLPs, (ISC)2 Authorized Instructors
and subject matter experts
• an overview of the scope of security within software
development

The comprehensive (ISC)2 CSSLP CBK Education Program covers the following domains:
• Secure Software Concepts - security implications and methodologies within
centralized and decentralized environments across the enterprise’s computer systems in
software development.
• Secure Software Requirements - capturing security controls used during the
requirements phase to integrate security within the process, to identify key security objectives,
and to maximize software security while minimizing disruption to plans and schedules.
• Secure Software Design - translating security requirements into application design
elements including documenting the elements of the software attack surfaces, conducting
threat modeling, and defining any specific security criteria.
• Secure Software Implementation/Coding - involves the application of coding
and testing standards, applying security testing tools including ‘fuzzing’, static-analysis code
scanning tools, and conducting code reviews.
• Secure Software Testing - integrated QA testing for security functionality and
resiliency to attack.
• Software Acceptance - security implications in the software acceptance phase including
completion criteria, risk acceptance and documentation, Common Criteria and methods of
independent testing.
• Software Deployment, Operations, Maintenance and Disposal - security
issues around steady state operations and management of software. Security measures that
must be taken when a product reaches its end of life.

There are several organizations that offer (ISC)2 education and make unauthorized claims of
above average test scores and inflated pass rates. A candidate should be cautious since test
scores and pass rates are never revealed. Be sure you are considering official (ISC)2 CBK
education from an authorized provider.

For additional details on the CSSLP Education Program, visit www.isc2.org/csslpedu.

(ISC)2 is the premier not-for-profit organization dedicated to certifying information security professionals around the world.
With tens of thousands of credentialed specialists worldwide, (ISC)2 is dedicated to helping both the certified individual and
their organization be successful in the application and information security industry. Indeed, our credentials are considered
the Gold Standard in information security. So (ISC)2 is the logical first contact for anyone serious about protecting information
assets at an unsurpassed level of excellence.

© 2011 International Information Systems Security Certification Consortium, Inc. All Rights Reserved.
CLP010.0 (02/11)

www.isc2.org
