Official (ISC)2 Guide to the CSSLP

Front Cover
CRC Press, Apr 19, 2016 - Business & Economics - 572 pages
As the global leader in information security education and certification, (ISC)2 has a proven track record of educating and certifying information security professionals. Its newest certification, the Certified Secure Software Lifecycle Professional (CSSLP) is a testament to the organization's ongoing commitment to information and software security
 

What people are saying - Write a review

We haven't found any reviews in the usual places.

Contents

Foreword
xvii
About the Author
xix
Introduction
xxi
Secure Software Concepts
25
Secure Software Requirements
79
Secure Software Design
127
Secure Software ImplementationCoding
233
Secure Software Testing
323
Software Acceptance
367
Software Deployment Operations Maintenance and Disposal
403
Copyright

Other editions - View all

Common terms and phrases

About the author (2016)

Manoranjan (Mano) Paul is the Software Assurance Advisor for the (ISC)2, the global leader in information security education and certification, representing and advising the organization on software assurance strategy, training, education and certification. His information security and software assurance experience includes designing and developing security programs from compliance-to-coding, security in the SDLC, writing secure code, risk management, security strategy, and security awareness training and education.

Mr. Paul started his career as a shark researcher in the Bimini Biological Field Station, Bahamas. His educational pursuit took him to the University of Oklahoma where he received his Business Administration degree in Management Information Systems (MIS) with various accolades and the coveted 4.0 GPA. Following his entrepreneurial acumen, he founded and serves as the CEO & President of Express Certifications, a professional certification assessment and training company that developed studISCope, (ISC)2's official self assessment offering for prospective certification candidates. Express Certifications is also the self assessment testing company behind the US Department of Defense certification education program as mandated by the 8570.1 directive. He also founded SecuRisk Solutions, a company that specializes in security product development and consulting.

Before Express Certifications and SecuRisk Solutions, Mr. Paul played several roles from software developer, quality assurance engineer, logistics manager, technical architect, IT strategist, and security engineer/program manager/strategist at Dell Inc. Mr. Paul is an appointed faculty member and Vice President of the Capitol of Texas Information System Security Association (ISSA) chapter. He is a contributing author for the Information Security Management Handbook, writes periodically for the Certification magazine and has contribut

Bibliographic information