I earned the SSCP certification recently and want to take another certification exam. Which is an all-around better certification? The CSSLP or the CISSP and why?
Kia ora nettier,
First of all congratulations on making the SSCP exam. Well done!
choosing between CSSLP or CISSP really depends on your occupation and which of both fits best in your career path. Both are really excellent certifications, but are different.
CISSP is more general, but overall goes deeply detailed into almost all aspects if information security. You will learn about risk management, security architecture, encryption, network security, secure software development, identity access management and much more!
CSSLP is much more focussed at secure software development and the entire software lifecycle. You will learn about requirements, secure design and architecture, software testing, deployment and operations and of course secure software concepts.
If you have the possibility for longer term planning of your security career, I would advise to start studying for the CISSP, get that certification and then follow that with CSSLP to focus your career further into the secure software development..
Good luck with choosing!
Ger van Hees, CISSP
I would say the more basic question is whether you have already fulfilled or are close to fulfilling the work requirement for each of the certifications: minimum of 4 years of paid full-time employment in at least one of the 8 domains for the CSSLP; minimum of 5 years of cumulative employment in at least two of the 8 domains of the CISSP. Each has a distinct focus intended for entirely different audiences.