2® CM OFFICIAL ( ISC ) CSSLP CBK EDUCATION SEMINARS AT ...

etherealattractiveSecurity

Jun 14, 2012 (5 years and 3 days ago)

543 views

-more-

NEWS
FOR IMMEDIATE RELEASE


Contact:
Stephanie Olsen or Mike Kilroy
Maples Communications, Inc.
(949) 855-3555
solsen@maples.com

mkilroy@maples.com



SANS INSTITUTE TO HOST
OFFICIAL (ISC)

CSSLP
CM
CBK
®
EDUCATION
SEMINARS AT UPCOMING CONFERENCES

Courses at SANS’ London and Washington, D.C. Events to
Address Building In Security Throughout Software Lifecycle

Palm Harbor, Fla., U.S.A., Sept. 24, 2009 – (ISC)

(“ISC-squared”), the not-for-profit
global leader in educating and certifying information security professionals throughout their
careers, today announced that SANS Institute will be holding Official (ISC)
2
Certified Secure
Software Lifecycle Professional (CSSLP) CBK Education Seminars at two of its upcoming
conferences: SANS London from Nov. 30-Dec. 4 and SANS Cyber Defense Initiative (CDI) in
Washington, D.C. from Dec. 11-15, 2009.
Taught by (ISC)
2
-certified instructors, the five-day Education Seminars will cover the
seven domains of the CSSLP, a certification from (ISC)
2
created to stop the proliferation of
software security vulnerabilities by establishing best practices and validating an individual’s
competency in addressing security issues throughout the software development lifecycle.
The course will detail the tools and processes required to build security into each phase of
the software lifecycle, from the requirement phase through software design, software testing and
disposal.
“With unsecured software posing a greater threat to enterprises every day and causing
higher production costs and delays for software developers, educating software lifecycle
professionals on optimum security practices is a sensible solution,” said Alan Paller, director of
research for SANS.
SANS to Host CSSLP Education Seminars Page 2
“The CSSLP complements SANS’ GIAC Secure Software Programmer (GSSP)
certification, which tests developers’ secure coding skills,” Paller said.
“We are pleased to be working with SANS on this important but frequently-overlooked
issue,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, CNSS, executive director for (ISC)
2
.
“By raising awareness of the problem and providing one set of solutions with our complementary
certifications, we hope to defray the rising costs – both concrete and intangible – of relying on
software that has not been properly secured and managed from cradle to grave.”
Code-language neutral, the CSSLP is applicable to software analysts, developers,
engineers, project managers, software quality assurance testers and programmers. To be eligible
for the certification, CSSLP candidates must demonstrate four years of professional experience in
the software development lifecycle process, or three years of experience and a bachelor’s degree
(or regional equivalent) in an IT discipline.
The seven domains of the CSSLP CBK, a compendium of secure software topics, are:
• Secure Software Concepts
• Secure Software Requirements
• Secure Software Design
• Secure Software Implementation/Coding
• Secure Software Testing
• Software Acceptance
• Software Deployment, Operations, Maintenance and Disposal

To register for the CSSLP Review Seminar at SANS London, visit
http://www.sans.org/london09/description.php?tid=3597
. To register for the CSSLP Review
Seminar at SANS CDI in Washington, D.C., visit http://www.sans.org/cyber-defense-initiative-
2009/description.php?tid=3597
.
For more information about the CSSLP education programs, visit
http://www.isc2.org/csslpedu/
.
SANS Institute
SANS is the largest source for information security training and certification in the world. It also develops,
maintains, and makes available at no cost, the largest collection of research documents about various
aspects of information security, and it operates the Internet's early warning system - Internet Storm Center.
SANS also sponsored the creation of GIAC, a leading industry security certification. The SANS
(SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and
education organization. Its programs now reach more than 165,000 security professionals around the world.
A range of individuals from auditors and network administrators, to chief information security officers are
sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of
SANS are the many security practitioners in varied global organizations from corporations to universities
working together to help the entire information security community.

About (ISC)²
(ISC)

is the globally recognized Gold Standard for certifying information security professionals.

SANS to Host CSSLP Education Seminars Page 3



Celebrating its 20
th
anniversary, (ISC)² has certified nearly 65,000 information security professionals in
more than 130 countries. Based in Palm Harbor, Florida, USA, with offices in Washington, D.C., London,
Hong Kong and Tokyo, (ISC)
2
issues the Certified Information Systems Security Professional (CISSP
®
)
and related concentrations, Certified Secure Software Lifecycle Professional (CSSLP
CM
), Certification and
Accreditation Professional (CAP
®
), and Systems Security Certified Practitioner (SSCP
®
) credentials to
those meeting necessary competency requirements. (ISC)²’s CISSP

and related concentrations, CAP, and
the SSCP

certifications are among the first information technology credentials to meet the stringent
requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying
personnel. (ISC)² also offers a continuing professional education program, a portfolio of education products
and services based upon (ISC)
2
’s CBK
®
, a compendium of information security topics. More information is
available at www.isc2.org
.
# # #

© 2009, (ISC)
2
Inc. (ISC)², CISSP, ISSAP, ISSMP, ISSEP, and CAP, SSCP and CBK are registered marks and CSSLP is a service
mark of (ISC)², Inc.