ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep
Focused View
Jerod Brennen
13:41:20
40 View
01 - Prepping for the CSSLP.mp4
00:55
01 - Secure software concepts.mp4
01:51
02 - What you should know.mp4
02:06
03 - The goals of application security.mp4
03:45
01 - Confidentiality.mp4
06:04
02 - Integrity.mp4
05:17
03 - Availability.mp4
04:51
01 - Authentication.mp4
07:20
02 - Authorization.mp4
07:01
03 - Accountability.mp4
05:43
04 - Nonrepudiation.mp4
05:03
05 - Governance, risk, and compliance.mp4
05:08
01 - Least privilege.mp4
04:51
02 - Separation of duties.mp4
05:06
03 - Economy of mechanism.mp4
07:19
04 - Complete mediation.mp4
05:19
01 - Defense in depth.mp4
05:17
02 - Resiliency.mp4
05:44
03 - Open design.mp4
06:52
04 - Least common mechanism.mp4
05:01
05 - Psychological acceptability.mp4
07:42
06 - Leveraging existing components.mp4
04:52
07 - Eliminate single point of failure.mp4
05:10
08 - Diversity of defense.mp4
03:43
01 - Secure software lifecycle management.mp4
03:21
01 - Strategy and roadmap.mp4
06:27
02 - Development methodologies.mp4
06:17
03 - Integrated risk management.mp4
07:39
04 - Promote security culture.mp4
07:04
01 - Security standards and frameworks.mp4
08:23
02 - Security documentation.mp4
06:46
03 - Hardware and software configuration.mp4
04:42
04 - Ongoing configuration management.mp4
04:41
01 - Decommission software.mp4
04:28
02 - Manage licenses and archives.mp4
04:52
03 - Security metrics.mp4
08:09
04 - Reporting security status.mp4
07:18
05 - Continuous improvement.mp4
04:09
06 - Implement secure operations practices.mp4
05:38
01 - Determining security requirements.mp4
03:08
01 - Functional requirements.mp4
07:28
02 - Nonfunctional requirements.mp4
09:18
03 - Policy decomposition.mp4
05:53
04 - Legal, regulatory, and industry.mp4
07:12
01 - Security vs. privacy.mp4
06:24
02 - Data anonymization.mp4
05:43
03 - User consent.mp4
05:34
04 - Disposition.mp4
07:01
05 - Private data storage.mp4
03:37
01 - Data ownership.mp4
05:22
02 - Labeling.mp4
07:12
03 - Types of data.mp4
06:48
04 - Data lifecycle.mp4
06:45
01 - Misuse and abuse cases.mp4
06:05
02 - Software requirement specifications.mp4
06:09
03 - Security requirement traceability matrix.mp4
03:51
01 - Secure software design.mp4
03:07
01 - What is threat modeling.mp4
07:45
02 - Understand common threats.mp4
08:47
03 - Attack surface evaluation.mp4
05:37
01 - Secure architecture and design patterns.mp4
03:43
02 - Identifying and prioritizing controls.mp4
06:15
03 - Traditional application architectures.mp4
07:23
04 - Pervasive and ubiquitous computing.mp4
06:43
05 - Rich internet and mobile applications.mp4
07:09
06 - Cloud architectures.mp4
07:08
07 - Embedded system considerations.mp4
08:45
08 - Architectural risk assessments.mp4
06:59
09 - Component-based systems.mp4
05:02
10 - Security enhancing tools.mp4
04:08
11 - Cognitive computing.mp4
04:37
12 - Control systems.mp4
08:34
01 - Components of a secure environment.mp4
08:25
02 - Designing network and server controls.mp4
04:22
03 - Designing data controls.mp4
06:25
04 - Secure design principles and patterns.mp4
05:06
05 - Secure interface design.mp4
06:49
06 - Security architecture and design review.mp4
03:06
07 - Secure operational architecture.mp4
03:37
01 - Nonfunctional properties and constraints.mp4
05:39
02 - Data modeling and classification.mp4
05:00
01 - Secure software implementation.mp4
02:42
01 - Declaring variables.mp4
03:37
02 - Inputs and outputs.mp4
05:57
03 - Protecting secrets.mp4
07:15
04 - Data-flow security.mp4
06:03
05 - Deployment and operations.mp4
08:29
06 - Isolation techniques.mp4
05:01
07 - Processor microarchitecture security.mp4
05:03
01 - Identifying risks.mp4
05:26
02 - The OWASP Top 10 1-5.mp4
06:53
03 - The OWASP Top 10 6-10.mp4
05:14
04 - Common Weakness Enumeration (CWE).mp4
04:47
05 - Addressing risks.mp4
05:32
01 - Third-party code and libraries.mp4
04:09
02 - Component integration.mp4
05:02
03 - Implementing security controls.mp4
04:16
04 - Security in the build process.mp4
05:52
01 - Secure software testing.mp4
03:25
01 - Understanding your test environment.mp4
04:19
02 - Automation vs. manual testing.mp4
07:43
03 - Ensuring a comprehensive approach.mp4
07:25
04 - Validating cryptography.mp4
06:05
01 - Grouping your tests.mp4
06:42
02 - Leveraging external resources.mp4
08:04
03 - Verifying and validating documentation.mp4
06:38
01 - Securing test data.mp4
06:50
02 - Verification and validation testing.mp4
05:45
03 - Identifying undocumented functionality.mp4
05:13
01 - Security implications of test results.mp4
04:56
02 - Classifying and tracking security errors.mp4
06:50
01 - Secure software deployment, operations, and maintenance.mp4
04:54
01 - Performing an operational risk analysis.mp4
08:45
02 - Releasing software securely.mp4
07:16
03 - Storing and managing security data.mp4
07:52
04 - Ensuring secure installation.mp4
07:15
05 - Post-deployment security testing.mp4
06:25
01 - Obtaining security approval to operate.mp4
05:33
02 - Continuous security monitoring.mp4
08:12
03 - Support incident response.mp4
06:48
04 - Support continuity of operations.mp4
06:49
05 - Service level objectives and agreements.mp4
06:00
01 - Patch management.mp4
05:39
02 - Vulnerability management.mp4
08:18
03 - Runtime protection.mp4
05:23
01 - Secure software supply chain.mp4
02:23
01 - Identifying and selecting components.mp4
07:09
02 - Assessing components risks.mp4
05:48
03 - Responding to those risks.mp4
05:32
04 - Monitoring changes and vulnerabilities.mp4
06:43
05 - Maintaining third-party components.mp4
03:58
01 - Analyzing third-party software security.mp4
07:02
02 - Verifying pedigree and provenance.mp4
06:45
01 - Security in the acquisition process.mp4
08:32
02 - Contractual requirements.mp4
05:31
01 - Registering for the exam.mp4
04:33
02 - Exam environment.mp4
03:39
03 - Passing the exam.mp4
02:43
04 - Exam tips.mp4
04:22
05 - Practice tests.mp4
03:54
06 - Experience requirements.mp4
03:31
07 - Continuing education requirements.mp4
05:21
01 - Next steps.mp4
01:57
Description
The Certified Secure Software Lifecycle Professional (CSSLP) certification is designed for software development and security professionals, including software architects, developers, project managers, security managers, quality assurance testers, and anyone responsible for ensuring the security of software applications throughout the development lifecycle. This comprehensive course with instructor Jerod Brennen helps you prepare to tackle the official CSSLP exam. Explore the core concepts and fundamental skills required for each of the eight domains of the exam: Secure Software Concepts; Secure Software Lifecycle Management; Secure Software Requirements; Secure Software Architecture and Design; Secure Software Implementation; Secure Software Testing; Software Deployment, Operations, and Maintenance; and Secure Software Supply Chain.
More details
User Reviews
Rating
average 0
Focused display
Category
Jerod Brennen
Instructor's CoursesBy day, I'm a strategic advisor, virtual CISO, public speaker, & storyteller.
By night, I'm a husband, father, writer, filmmaker, martial artist, musician, and gamer. I've earned every gray hair in my beard, having spent my career serving as a cybersecurity leader in public utilities, retail, higher education, consulting, and technology.
I love to share what I've learned over the years every chance I get: at local and regional professional meetings, at larger conferences, and online via blogs and podcasts. I've published multiple online information security courses with Pluralsight and LinkedIn Learning, and I teach courses in person, both domestically and internationally.
I bring a unique combination of perspective and experience to the table when helping organizations improve their cybersecurity programs, and I'd love to help you make those same improvements, focusing on the business value of an effective, efficient, forward-thinking cybersecurity program.
At the end of the day, I just want to help folks get one step closer to doing what they want to do securely.
LinkedIn Author -> https://www.linkedin.com/learning/instructors/jerod-brennen
Pluralsight Author -> https://www.pluralsight.com/authors/jerod-brennen
Hands-on experience in the following areas:
- Application Security (Web and Mobile)
- Business Analysis
- Cloud Security
- Compliance Assessment and Management (ISO, PCI, SOX, HIPAA, FISMA, FERPA)
- Corporate Training
- Data Governance
- Identity and Access Management / Identity Governance and Administration
- Mentorship
- Penetration Testing (Network, Application, Wireless, Social, Physical)
- Project Management
- Risk Assessment and Management (NIST)
- Security Architecture
- Security Awareness Training
- Security Incident Response
- Security Metrics
- Security Organization Management
- Security Policy & Procedure Development
- Security Systems Administration
- Strategic Planning, Budgeting, & Program Development
- Supplier Security Risk Management
- Technical Documentation
- Vulnerability Assessment and Management
Finally, if you connect with me and send me a sales message without including the word "Orwell," I'll know that you didn't take time to get to know me through my profile. No one likes an impersonal cold call. People who put forth the effort to personalize that outreach are more likely to develop an authentic relationship. ;)
Linkedin Learning
View courses Linkedin LearningLinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications.
It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.
- language english
- Training sessions 143
- duration 13:41:20
- English subtitles has
- Release Date 2024/08/12
