CSSLP certificationISC2 CSSLP Course

Begin Learning Cyber Security for FREE Now!

Already a Member Login Here

Home Forums Courses ISC2 CSSLP Course CSSLP certification

This topic contains 9 replies, has 7 voices, and was last updated by  Shoaib 3 years, 2 months ago.

Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
  • #46732


    Some years ago, CSSLP was announced as being the new must-have certification and that it would compete with CISSP. However, today the number of CSSLP holders is much lower than CISSP holder.
    What is your feeling about CSSLP? Would you say CSSLP is worth having? Or would you say CISSP is still a must and can replace CSSLP?

    • This topic was modified 4 years, 4 months ago by  romualds.


    I needed to Google ‘CSSLP’ after being in the security industry for ages, does that say enough?



    IMO, it was a good idea but it did not get traction in the industry because it was kept at a generic level. There should have been per-language/per-function required specializations to deepen the knowledge of the practitioners,in addition to the core knowledge. I am thinking of CSSLP-JAVA, CSSLP-C/C++, CSSLP-Secure Tester, CSSLP-Secure Designer/Architect, etc. Also the second edition of the CBK book, though including interesting use cases, had many grammar mistakes, that did not help.



    It’s interesting to see that CSSLP is seen as close to development, I should say secure coding : it is not, and it is closer to security management (not at the infrastructure / IT level, but at the development one) : cf content and requirements to be certified. Maybe its positionning is not clear enough.

    Now, more and more attacks happen at the application level (through web-based / cloud-based applications), and CSSLP is providing many answers to the “how to” protect information and ensure privacy. Maybe CSSLP will gain more traction?









    I think it’s better not to think of CSSLP and CISSP as conflicting choices and instead think of it as a difference in job title

    • The CSSLP is for people who are (directly) involved in the software development lifecycle. Whether your writing the business requirements, programming the assignment, or testing the software, this is probably the degree for you.
    • The CISSP is meant for information security management. Rather than worrying about the nitty gritty details of software we turn our attention to the broader categories such as risk, physical security, and disaster recovery. Take this if you have aspiring aspirations.

    You can obtain both certifications. They have a list of all their possible certifications on their website: ISC^2






    Thanks ProgrammerE! By the way, I hold both credentials, and I think you are right : they do not overlap nor compete with each other, but are playing on two different fields. Both are worth having when working with software, web-based /IoT / Mobile application security.
    And both are great sources of knowledge and satisfaction!




Viewing 10 posts - 1 through 10 (of 10 total)

You must be logged in to reply to this topic.

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?