cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Early_Adopter
Community Champion

CSSLP

Thinking of doing the CSSLP, more for fun and interest than anything else, but it's still probably a major time commitment, so I've some questions for any CSSLP's(and any other good folks with an opinion) out there:

 

  • Did you find you learned new things in the process of preparing for and undertaking the certification?
  • The guide books I see are from 2013, is the material fresh enough and are there any more up to date compendiums of knowledge you'd reccomend?
  • Lastly, do you feel you directly use what you learned pratically in your day to day? For example threat modeling etc? 

Cheers,

 

Michael 

 

5 Replies
Badfilemagic
Contributor II

I got my CSSLP August and the 2013 book was fine. Depending on what exactly you work in, some of the material may be a bit stale but most of it was fine. I found the process mostly helpful to organize things i already knew, but did learn new things and some new approaches.

Since it was more applicable to my day-to-day than CISSP was, I was able to stay more engaged with the material with just self study (tbh, hard not to zone out on a couple of CISSP domains).

Over all, I think it's worth while if it is relevant to you.
-- wdf//CISSP, CSSLP
QuangLuong
Newcomer I

In my humble opinion, learning the material will give you familiarization and awareness, which is more powerful than memorization.  It will serve as a guidepost to know where to look for information when the need arises.  But to answer your question:

 

  • Did you find you learned new things in the process of preparing for and undertaking the certification? Yes.
  • The guide books I see are from 2013, is the material fresh enough and are there any more up to date compendiums of knowledge you'd recommend?  They are always updating per new rules and requirements.  I always recommend the latest information (at least within the past 2 years).  As some content is removed and some added, you'll want to make sure you prepare properly.
  • Lastly, do you feel you directly use what you learned pratically in your day to day? For example threat modeling etc? It is so broad that there will always be something useful.  However, the content is mostly catered toward baking in security over the software development life cycle.  It will ultimately depend on how much money your contract is willing to spend on implementing security in each phase of the life cycle.
Early_Adopter
Community Champion

Thanks very much to both of you.

sophia_cart
Newcomer II

Thanks very much to both of you.

CSSLP (certified secure software lifecycle professional) is a certification from (ISC)2 that focuses on application security within the software development lifecycle (SDLC).

Early_Adopter
Community Champion

@sophia_cart Naughty robot, bad, bad!