Blog
Certified Secure Software Lifecycle Professional Exam Updates
Last week, IBM’s Security Intelligence blog reported on the highly-discussed cybersecurity skills shortage – and in particular, how some areas are lacking in talent more than others. “Software development is one of the areas most starved of security attention,” wrote Irene Michlin.
If you’ve set your sights on specializing in software development cybersecurity, the CSSLP certification is for you. Based on the results of the job task analysis conducted in 2019, the exam will be changing in several ways when it is published later this year. The number of items and the time allowed for the exam will be reduced (from 175 in four hours to 125 in three hours) without compromising the validity of the exam. There will also be updates made to five of the eight domains, and the weight of six domains.
The updates to the domains and their weights are noted below, with the differences highlighted:
July 2017 – September 14, 2020 |
||
# |
Domains |
Weights |
1 |
Secure Software Concepts |
13% |
2 |
Secure Software Requirements |
14% |
3 |
Secure Software Design |
16% |
4 |
Secure Software Implementation / Programming |
16% |
5 |
Secure Software Testing |
14% |
6 |
Secure Lifecycle Management |
10% |
7 |
Software Deployment, Operations and Maintenance |
9% |
8 |
Supply Chain and Software Acquisition |
8% |
Total: |
100% |
Effective September 15, 2020 |
||
# |
Domains |
Weights |
1 |
Secure Software Concepts |
10% |
2 |
Secure Software Requirements |
14% |
3 |
Secure Software Architecture and Design |
14% |
4 |
Secure Software Implementation |
14% |
5 |
Secure Software Testing |
14% |
6 |
Secure Software Lifecycle Management |
11% |
7 |
Secure Software Deployment, Operations, Maintenance |
12% |
8 |
Secure Software Supply Chain |
11% |
Total: |
100% |
By conducting job task analysis studies, updates are made to all (ISC)² certifications approximately every three years to ensure that they remain relevant to the roles and responsibilities of today’s practicing cybersecurity professionals. For more information on the upcoming updates to the CSSLP exam, read our FAQs .