Enrolling now: 5-day boot camp starts September 22 | View All Dates

ISC2 Certified Secure Software Lifecycle Professional® (CSSLP) Training Boot Camp

4.31 (598 ratings)

Become a Certified Secure Software Lifecycle Professional (CSSLP). You’ll leave this boot camp with the knowledge and domain expertise needed to pass the CSSLP exam the first time you take it.

What you'll learn

Training overview

Infosec’s CSSLP Boot camp teaches you how to incorporate security practices throughout the software development lifecycle. You’ll learn key policies, procedures and best practices related to secure software development and how to incorporate them into each phase of the development lifecycle.

You’ll leave fully prepared to earn your CSSLP certification and prove to employers that you have the knowledge and skills necessary to implement secure software development and help mitigate cyber threats.

What's included

Everything you need to know

Certification Logo
  • 90-day extended access to Boot Camp components, including class recordings
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee
  • Exam voucher
  • Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
  • Knowledge Transfer Guarantee
  • Pre-study learning path
  • Unlimited practice exam attempts
View Pricing

Syllabus

Training schedule

Day 1
Morning session

Secure software concepts

  • Core concepts
  • Security design principles
Afternoon session

Secure software requirements

  • Define software security requirements
  • Identify and analyze compliance requirements
  • Identify and analyze data classification requirements
  • Identify and analyze privacy requirements
  • Develop misuse and abuse cases
  • Develop security requirement traceability matrix (SRTM)
  • Ensure security requirements flow down to suppliers/providers
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 2
Morning session

Secure software architecture and design

  • Perform threat modeling
  • Define the security architecture
  • Performing secure interface design
  • Performing architectural risk assessment
  • Modeling (non-functional) security properties and constraints
  • Model and classify data
  • Evaluate and select reusable secure design
  • Perform security architecture and design review
  • Define secure operational architecture (e.g., deployment topology, operational interfaces)
  • Use secure architecture and design principles, patterns and tools
Afternoon session

Secure software architecture and design continued

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 3
Morning session

Secure software implementation

  • Adhere to relevant secure coding practices (e.g., standards, guidelines and regulations)
  • Analyze code for security risks
  • Implement security controls (e.g., watchdogs, file integrity monitoring (FIM), anti-malware)
  • Address security risks (e.g. remediation, mitigation, transfer, accept)
  • Securely reuse third-party code or libraries (e.g., software composition analysis (SCA))
  • Securely integrate components
  • Apply security during the build process
Afternoon session

Secure software implementation continued

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 4
Morning session

Secure software testing

  • Develop security test cases
  • Develop security testing strategy and plan
  • Verify and validate documentation (e.g., installation and setup instructions, error messages, user guides, release notes)
  • Identify undocumented functionality
  • Analyze security implications of test results (e.g., impact on product management, prioritization, break build criteria)
  • Classify and track security errors
  • Secure test data
  • Perform verification and validation testing
Afternoon session

Secure software lifecycle management

  • Secure configuration and version control (e.g., hardware, software, documentation, interfaces, patching)
  • Define strategy and roadmap
  • Manage security within a software development methodology
  • Identify security standards and frameworks
  • Define and develop security documentation
  • Develop security metrics (e.g., defects per line of code, criticality level, average remediation time, complexity)
  • Decommission software
  • Report security status (e.g., reports, dashboards, feedback loops)
  • Incorporate integrated risk management (IRM)
  • Promote security culture in software development
  • Implement continuous improvement (e.g., retrospective, lessons learned)
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 5
Morning session

Secure software deployment, operations and maintenance

  • Perform operational risk analysis
  • Release software securely
  • Securely store and manage security data
  • Ensure secure installation
  • Perform post-deployment security testing
  • Obtain security approval to operate (e.g., risk acceptance, sign-off at appropriate level)
  • Perform information security continuous monitoring (ISCM)
  • Support incident response
  • Perform patch management (e.g. secure release, testing)
  • Perform vulnerability management (e.g., scanning, tracking, triaging)
  • Runtime protection (e.g., runtime application self-protection (RASP), web application firewall (WAF), address space layout randomization (ASLR))
  • Support continuity of operations
  • Integrate service level objectives (SLO) and service level agreements (SLA) (e.g., maintenance, performance, availability, qualified personnel)
Afternoon session

Secure software supply chain

  • Implement software supply chain risk management
  • Analyze security of third-party software
  • Verify pedigree and provenance
  • Ensure supplier security requirements in the acquisition process
  • Support contractual requirements (e.g., intellectual property (IP) ownership, code escrow, liability, warranty, end-user license agreement (EULA), service level agreements (SLA))
Evening session

Optional group & individual study

Schedule may vary from class to class

Day 6
Morning session

Take the CSSLP exam

Schedule may vary from class to class

Download Full Syllabus

Guaranteed results

Our Boot Camp guarantees

Guarantee icon

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB Boot Camps).

Guarantee icon

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Guarantee icon

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

Who should attend

Who Should Attend Image
  • Software developers
  • Software architects
  • Software engineers
  • Application security specialists
  • Penetration testers
  • Project managers
  • Anyone involved in the software development lifecycle (SDLC)

What makes the Infosec CSSLP prep course different?

You can rest assured that the CSSLP training materials are fully updated and synced with the latest version of the CSSLP exam. In addition, you’ll gain access to a CSSLP prep course the moment you enroll, so you can prepare for and get the most out of your boot camp.

 

With 20 years of training experience, we stand by our CSSLP training with an Exam Pass Guarantee. This means if you don’t pass the exam on the first attempt, we’ll pay for your second exam at no additional cost to you!

Learn More

Meets 8570.1 requirements

Attention DoD Information Assurance workers! This boot camp helps meet U.S. Department of Defense Directive 8570.1 requirements for department employees or contractors engaged in work related to information security.

View Pricing

Before your Boot Camp

Prerequisites

To obtain the CSSLP certification, you must have:

  • At least four years of professional Software Development Lifecycle (SDLC) experience
  • A work history reflecting direct experience in at least one of the eight domains listed in the ISC2 CSSLP Common Body of Knowledge (CBK)

However, you can become an Associate of ISC2 by passing the exam without the required work experience.

You're in good company

EH

The instructor was able to take material that prior to the class had made no sense, and explained it in real world scenarios that were able to be understood.

Erik Heiss, United States Air Force
MJ

I really appreciate that our instructor was extremely knowledgeable and was able to provide the information in a way that it could be understood. He also provided valuable test-taking strategies that I know not only helped me with this exam, but will help in all exams I take in the future.

Michelle Jemmott, Pentagon
RC

The course was extremely helpful and provided exactly what we needed to know in order to successfully navigate the exam. Without this I am not confident I would have passed.

Robert Caldwell, Salient Federal Solutions

View all schedule options

ISC2 Certified Secure Software Lifecycle Professional® (CSSLP) Training Boot Camp

$3,514.00

Sep 22, 2025 - Sep 26, 2025
Online
Start Time: 8:30 AM (Central)

ISC2 Certified Secure Software Lifecycle Professional® (CSSLP) Training Boot Camp

$3,514.00

Nov 10, 2025 - Nov 14, 2025
Online
Start Time: 9:30 AM (Central)

ISC2 Certified Secure Software Lifecycle Professional® (CSSLP) Training Boot Camp

$3,514.00

Mar 16, 2026 - Mar 20, 2026
Online
Start Time: 8:30 AM (Central)

Instant pricing

Join thousands of certified professionals who train with Infosec. Click below for complete pricing details.

Exam Pass Guarantee Logo

Award-winning training you can trust

Quick facts

Duration
6 days
Method
Live online or team onsite
Level
3-5 years of experience
Average salary
$132,733
Meets 8570.1 DoD requirements

Ready to discuss your training goals? We've got you covered.

Request Information

Unlock team training discounts

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

Request Team Pricing

Instant pricing

Join thousands of certified professionals who train with Infosec. Click below for complete pricing details.

Exam Pass Guarantee Logo

Award-winning training you can trust

Explore our top boot camps

More learning opportunities

Most popular

CompTIA Security+ Certification Training Boot Camp Boot camp

CompTIA Security+ Certification Training Boot Camp

  • 5 days of instructor-led training
  • 1-3 years of experience
  • Average Salary: $99,446
  • Exam Pass Guarantee
review-logo

4.8

(5,391 ratings)

Learn More

#1 FOR BEGINNERS

Cisco Certified Network Associate (CCNA) & Cybersecurity Associate Training Boot Camp Dual Certification Boot camp

Cisco Certified Network Associate (CCNA) & Cybersecurity Associate Training Boot Camp Dual Certification

  • 7 days of instructor-led training
  • 0-1 year of professional experience
  • Average Salary: $93,071
  • Exam Pass Guarantee
review-logo

4.3

(3,372 ratings)

Learn More

Most requested

ISC2 Certified Information Systems Security Professional® (CISSP) Certification Training Boot Camp Boot camp

ISC2 Certified Information Systems Security Professional® (CISSP) Certification Training Boot Camp

  • 6 days of instructor-led training
  • 5+ years of professional experience
  • Average Salary: $151,860
  • Exam Pass Guarantee
review-logo

4.7

(8,738 ratings)

Learn More