From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Secure software implementation

- The fifth domain of the CSSLP is secure software implementation. This domain focuses on secure code practices and security control implementation, providing you with guidance on how you can secure both the code and your build environment. This domain accounts for 14% of the CSSLP exam. Learning how to adhere to relevant secure coding practices will account for most of your time spent studying this domain. Securing software at the code level is one of the most effective and least expensive ways to achieve your security goals. Input validation, output sanitization, type safety, and cryptography are just a few of the concepts you'll learn while studying this section. Once your development teams begin applying these secure coding practices, you'll want to validate those controls by analyzing that code for security risks. This includes a variety of techniques such as searching vulnerability databases, performing code reviews, and running static, dynamic, and interactive security tests.…