Thursday, April 8, 2010

(ISC)2 Certified Secure Software Lifecycle Professional (CSSLP)

(ISC)2 has a new certification, the Certified Secure Software Lifecycle Professional (CSSLP), which covers the following domains:
  • Secure Software Concepts - security implications in software development
  • Secure Software Requirements - capturing security requirements in the requirements gathering phase
  • Secure Software Design - translating security requirements into application design elements
  • Secure Software Implementation/Coding - unit testing for security functionality and resiliency to attack, and developing secure code and exploit mitigation
  • Secure Software Testing - integrated QA testing for security functionality and resiliency to attack
  • Software Acceptance - security implications in the software acceptance phase
  • Software Deployment, Operations, Maintenance and Disposal - security issues around steady state operations and management of software
Currently the CSSLP is not on the DoD 8570 list of approved IA certifications, but the plan is for it to be on the list. The CSSLP is the first (ISC)2 certification that can be taken at a computer in an approved testing center.
