CSSLP: Certified Secure Software Lifecycle Professional

This course provides software professionals with in-depth knowledge of how to integrate security throughout the entire software development lifecycle. Participants learn how to design, develop, test, deploy, and maintain secure applications by applying security best practices from requirements through retirement. The course is aligned with the CSSLP certification from ISC2 and combines theory, real-world examples, and practical guidance to help participants build and maintain secure software solutions.

Key takeaways

After completing this course, participants will have the knowledge required to integrate security practices across the full software lifecycle and prepare for the CSSLP certification exam.

  • Understand secure software lifecycle principles and governance
  • Apply security requirements and risk management during software design
  • Implement secure coding practices and development standards
  • Identify and mitigate software vulnerabilities during development and testing
  • Apply security controls to deployment, operations, and maintenance
  • Integrate security into DevOps and CI/CD pipelines
  • Align application security with compliance and regulatory requirements

Prerequisites

Recommended:

  • Experience in software development, architecture, or application security
  • Familiarity with software development methodologies
  • Basic understanding of information security concepts

Target audience

  • Software Developers
  • Application Architects
  • DevOps Engineers
  • Application Security Engineers
  • Security Consultants
  • Technical Project Managers

Secure software lifecycle management

The course begins with an overview of secure software lifecycle concepts, governance models, and risk management. Participants learn how to integrate security into planning, requirements, and design phases.

Secure software requirements and design

This section focuses on defining security requirements, threat modeling, and secure design principles. Participants learn how to identify risks early and design applications that reduce attack surfaces.

Secure software implementation

Participants learn secure coding concepts, common vulnerabilities, and how to apply secure development standards. The section covers defensive coding techniques and secure use of frameworks and libraries.

Secure testing and validation

This section covers security testing methods, including static and dynamic analysis, penetration testing concepts, and vulnerability management during the testing phase.

Secure deployment and operations

Participants learn how to secure software during deployment and operations, including configuration management, environment hardening, logging, monitoring, and incident response considerations.

Software maintenance and lifecycle management

The course concludes with maintaining and retiring applications securely, including patch management, vulnerability remediation, change management, and secure decommissioning.

This course and materials will help prepare you to take the (ISC)2 CSSLP certification exam.

IMPORTANT! The CC exam voucher is NOT included in this CC training.

Is this course suitable for developers without a security background?
Yes. The course is suitable for developers and technical professionals who want to strengthen their application security knowledge.

Is this course hands-on?
The course focuses on practical concepts and real-world scenarios rather than tool-specific labs.

How long does the course last?
The course is delivered over five days as instructor-led training.

Does the course prepare me for certification?
Yes. The course is designed to prepare participants for the CSSLP certification exam.
