Announcements
Planned Site Maintenance
Due to scheduled maintenance, account creation for new Community users will be unavailable 11 a.m. Eastern October 23, 2020 – October 24, 2020. We apologize for any inconvenience.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Viewer II

Which certification wil be best for developer

Hi ,
I am software developer with 6+ year of experience.i worked on large scale enterprise application development.i am interested in application security and I would like to know which certification will benefit me.will CSSLP good for me?
3 Replies
Highlighted
Newcomer I

Re: Which certification wil be best for developer

With a forte already established within the Development arena the CSSLP would definitely be right in your wheelhouse. Depending on where you want to go with your career other Certs could have value for you to move in that direction. Assuming you are sticking with Development at some level the CSSLP would be the top recommendation.

 

Cheers,

Highlighted
Viewer

Re: Which certification wil be best for developer

Hello,

 

I hold a CSSLP certification and found that it provided me with a good foundation in SELC principles.  That being said if you are planning on working on a DoD contract you might want to consider  the CISSP since it shares many of the same domains as the CSSLP and would qualify you for performing more IA functions.   Check out the link below for DoD approved 8570 baseline certifications.

 

https://iase.disa.mil/iawip/Pages/iabaseline.aspx

 

Good luck!

Gwen

 

 

Highlighted
Viewer III

Re: Which certification wil be best for developer

I received my CSSLP at the beginning of the year.  I considered going for the CISSP but did not feel I had the proper years of experience in enough areas to qualify.  The CSSLP I feel introduces the terminology, regulations, and how to integrate security in each area of the lifecycle.  I feel like the CSSLP is the beginning of the process.  After that comes digging into regulations and material to show how to counteract vulnerabilities and determining if your company has any guidelines on development security.  One word of warning on the CSSLP the training material and the actual test questions are different.  The questions in the training material are more definition/regulation based and for me on the test were scenario based.  Also if you have not already done so if you work for a company engage your supervisor so that he/she can offer any department/company advice.