存档

文章标签 ‘Certified Secure Software Lifecycle Professional’

Certified Secure Software Lifecycle Professional CSSLP证书入手

2011年1月20日 1 条评论

CSSLP全称Certified Secure Software Lifecycle Professional,主要方向是折腾软件安全开发生命周期SDL。

The following domains make up the CSSLP CBK focus on the need for building security into the SDLC:

  • Secure Software Concepts – security implications in software development and for software supply chain integrity
  • Secure Software Requirements – capturing security requirements in the requirements gathering phase
  • Secure Software Design – translating security requirements into application design elements
  • Secure Software Implementation/Coding – unit testing for security functionality and resiliency to attack, and developing secure code and exploit mitigation
  • Secure Software Testing – integrated QA testing for security functionality and resiliency to attack
  • Software Acceptance – security implication in the software acceptance phase
  • Software Deployment, Operations, Maintenance and Disposal – security issues around steady state operations and management of software

 

阅读全文…

开心!免试获得CSSLP认证!感谢!

2009年8月31日 7 条评论

ISC2的CSSLP证书是包子人生中第一个信息安全的证书,还是免试通过的,虽然我已经离开了互联网行业,但通过这个认证还是非常开心!对于安全开发,我是在两年前从零开始的,包子正是因为站在了以下巨人的肩膀上,才能在短短的时间内得到提高,以足够的理论和实战经验获得这个证书,别的不说,先列一个严重感谢的LIST(想到哪写到哪,排名不分先后):

阅读全文…