I have recently (in February) passed my SSCP certification and became a Member of (ISC)² as well as our company's CISO (yes, this is the highest qualification in my company. I know it's sort of ironic). As I still maintain my curent day-to-day job as an software developer here, albeit with outreach to information and systems security, I keep my eyes on the CSSLP exam.
Since our company does on-premise software, there's always not only "new version", but also new products rolling on, and recently, I feel that people around here are starting to take security and secure application planing into consideration more and more. We started using code signing, cryptographical protection of data, etc.
Sadly, I feel that the CSSLP is wastly underrepresented when it cames to materials and preparation. I am not one caring for CISSP because in my country, the chance that I will get management position based on some foreign certification is negligible and I don't have too much of a chance to finish university, so I feel like CISSP is something that I will want to consider only much later on in my career, if ever. However, the CSSLP looks interesting, entertaining and very close to what I would like to do next.
The issue I see is that there seems to be quite a lack of materials to prepare for the exam. Especialy now that the exams have new formats and new curicuum, I wonder if studying from five years old book is going to prepare me for the exam and help me pass it... Or, if there is any milestone between those two exams that can help me evaluate my preparation status for CSSLP (I was thinking maybe CEH or similar?).
Does anyone have some feedback or recomendation in this situation? Should I try to pursure some "intermediate" certification? Or is day-to-day job experience coupled with some (ISC)² materials enough, as it was the case with SSCP?