Scroll to top button

Certified Secure Software Lifecycle Professional

Start your prep for ISC2 CSSLP exam with the Certified Secure Software Lifecycle Professional course. The course provides complete coverage of exam objectives topics including secure software concepts; secure software requirements; secure software design; secure software implementation/coding; secure software testing; software acceptance; software deployment, operations, maintenance, and disposal.

The Certified Secure Software Lifecycle Professional certification exam is a standalone certification from ISC2 with the exam code CSSLP. The certification is targeted at information security professionals who act as leader in organization and play key role in incorporating security into each phase of the software lifecycle. The exam provides knowledge about supply chain and software acquisition.

Glossary of terms
Pre Assessment Questions
Full Length Tests
Post Assessment Questions
Exam related FAQs
What is the exam registration fee? USD 549
Where do I take the exam? Pearson VUE
What is the format of the exam? The exam consists of linear and multiple choice questions.
What are the pre-requisites of the exam?

ISC2 has the following pre-requisites for CSSLP certification:

  • A minimum of four years of cumulative, paid, full-time Software Development Lifecycle (SDLC) professional experience.
  • In one or more of the eight domains of the CSSLP Common Body of Knowledge (CBK).
How many questions are asked in the exam? The exam contains 175 questions.
What is the duration of the exam? 240 minutes
What is the passing score? 700

(on a scale of 0-1000)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the CSSLP certification, ISC2's retake policy is:

  • Candidates who do not pass the exam the first time will be able to retest after 30 days.
  • Candidates that fail a second time will need to wait 90 days prior sitting for the exam again
  • If a candidate fails third time, the next available time to sit for the exam will be 180 days after the most recent exam attempt.
Where can I find more information about this exam? To know more about the CSSLP, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?

An ISC2 certified professional has several career opportunities open up to them, including:

  • Software developer
  • Engineer and architect
  • Product manager
  • Project manager
  • Business analyst
  • Core concepts
  • Security design principles
  • Privacy
  • Governance, risk and compliance
  • Software development methodologies
  • Policy decomposition
  • Data classification and categorization
  • Functional requirements
  • Operational requirements
  • Design process
  • Design consideration
  • Securing commonly used architecture
  • Technologies
  • Declarative versus imperative (programmatic) security
  • Vulnerability databases/lists
  • Defensive coding practices and controls
  • Source code and versioning
  • Development and build environment
  • Code/peer review
  • Code analysis
  • Anti-tampering techniques
  • Testing artifacts
  • Testing for security and quality assurance
  • Types of testing
  • Impact assessment and corrective action
  • Test data lifecycle management
  • Pre-release and pre-deployment
  • Post-release
  • Installation and deployment
  • Operations and maintenance
  • Software disposal
  • Supplier risk assessment
  • Supplier sourcing
  • Software development and test
  • Software delivery, operations, and maintenance
  • Supplier transitioning