CSSLP "Certified Secure Software Lifecycle Professional"

by JasonRShaver 16. January 2009 16:51

 I got an email saying that I can get certified as being a "secure software lifecycle professional".  While I think the concept is great, they go on to say "Don't forget that time is running out to get CSSLP certified without taking an exam."  The important part of that is the "certified" and "without taking an exam".  What they are expecting you to do is give a resume, short essay, and answer a few questions and that will give them enough for you to be "certified".

This kind of concept I think shows the flaw in how my industry views security.  The security landscape changes every day and even knowing the core concepts by no means demonstrates that you are security minded.  What is worse is that this company (ISC)2 is putting a kind of 'stamp' on people defining them as such.  Now if a company bought into it and hired someone who is 'certified', they are expecting someone who is capable of writing secure software, but what they really got is a normal developer who had the free time to follow "simple steps to completing the CSSLP Online Experience Assessment".  

Even the company pushing this does not think it is a good idea it seems: "the CSSLP Experience Assessment will only be here for a limited amount of time".  If they thought this was a sustainable way to validate people's security experience, they would offer it as a permanent product.  Really they are just astroturfing a user base so they can sell their services, but they are hurting security and the industry in the process. 

http://view.exacttarget.com/?j=fe571578726c01787015&m=ff2313797362&ls=fdfa12787462057571157174&l=fea415727765007d74&s=fdef15757d660378721c7575&jb=ffcf14&ju=fe3516717c650475701470

Time is Running Out...
To Get Certified without taking the Exam!

The holidays are over, the New Year is here, and it's time we made something very clear. Time is running out to apply for the CSSLPCM Experience Assessment

You've already heard all about CSSLP, you've read the whitepapers, scanned through the brochure, read about it in the news, maybe even talked to us at a trade show.  Now it's your turn to join more than 130industry leaders, like you, who have become the first CSSLPs.

Apply for your CSSLP Experience Assessment today.

Don't forget that time is running out to get CSSLP certified without taking an exam.   

Here's the deal...  

If you've had 4 recent years of professional experience in the area of the Software Development Lifecycle (SDLC) and you're an expert in 4 of the 7 CSSLP Experience Assessment topic areas, you're nearly there.   

 

     Did you know you can sign up for the CSSLP Experience Assessment    
                                    in just 15 minutes or less?   

 

 Here's how:

Have everything ready before you start, including

  • Your updated resume or CV - just attach a word document.
  • Have your essays written prior to starting the application - then cut and paste them into the application form.
       - Each essay needs to be 250-500 words.
       - Each essay should describe an applicant's professional experience 
         as it relates to one of the 7 Domains

Click here for the simple steps to completing the CSSLP Online Experience Assessment.

As always, I am available if you have additional questions. Don't delay; the CSSLP Experience Assessment will only be here for a limited amount of time! 

Warm regards,

Glenn Johnson
CSSLP Support Team
(ISC)
+1.866.462.4777 ext. 4432
+1.703.637.4432

Tags:

Blog

Submit to DotNetKicks...
Permalink | Comments (0)

About the author

I am a software developer working for Microsoft in Redmond, WA.  In addition, my wife and I own TTXOnline, what is likely the 3rd largest table tennis store in the US.

Month List

Page List