Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

Applicants Will Contribute to CSSLP Education Program and Certification Exam Development; First Contributors Awarded Credential

London, UK – 5 December, 2008 – (ISC)2® (“ISC-squared”), the not-for-profit global leader in educating and certifying information security professionals throughout their careers, today announced it has received applications from 100 experts representing 15 countries to receive the Certified Secure Software Lifecycle Professional (CSSLPcm) and assist in the development of the certification exam and education program.

The CSSLP aims to validate secure software development practices and expertise to address the increasing number of application vulnerabilities. Launched on Sept. 25, 2008, the experience assessment phase is available to those who have four years of professional experience in the software development lifecycle (SDLC) and can demonstrate and document their expertise in at least four of the seven CSSLP domains. The first CSSLP exam is scheduled for the end of June in 2009.

“We are very pleased by the reaction we have received thus far from veteran software development professionals who are providing their expertise in the development of the CSSLP,” said W. Hord Tipton, CISSP-ISSEP®, CAP®, CISA, executive director for (ISC)2. “The fact that we have received responses from so many countries around the world underscores the notion that the problem of secure software is truly a global issue.”

Applications for the CSSLP were received from Austria, Canada, China, France, Hong Kong, India, Ireland, Italy, Japan, Luxembourg, Puerto Rico, South Africa, South Korea, Sweden, Switzerland, the United Kingdom and the United States.

The first three individuals to attain the CSSLP certification for their early contributions are:

• Jim Molini, CISSP, senior program manager, Identity and Security Division, Microsoft
• Mano Paul, CISSP, founder, Express Certifications and former senior global security program manager, Dell
• Cassio Goldschmidt, senior manager, product security, Symantec

“These three individuals have been instrumental in forming this critical new credential and represent the type of accomplished individuals in the software community who are expressing such strong interest in the CSSLP,” said Tipton.

Designed to stem the proliferation of security vulnerabilities resulting from inadequate development processes, the CSSLP establishes best practices and validates an individual’s competency in addressing security issues throughout the SDLC. Code-language neutral, it is applicable to anyone involved in the SDLC, including analysts, developers, software engineers, software architects, project managers, software quality assurance testers and programmers.

The seven CBK® domains of the CSSLP are:

• Secure Software Concepts
• Secure Software Requirements
• Secure Software Design
• Secure Software Implementation/Coding
• Secure Software Testing
• Software Acceptance
• Software Deployment, Operations, Maintenance and Disposal

The experience assessment opportunity runs through March 31, 2009. More details can be found at

About (ISC)²

The International Information Systems Security Certification Consortium, Inc. [(ISC)2®] is the globally recognized Gold Standard for certifying information security professionals. Founded in 1989, (ISC)² has certified over 60,000 information security professionals in 138 countries. Based in Palm Harbor, Florida, USA, with offices in Washington, D.C., London, Hong Kong and Tokyo, (ISC)2 issues the Certified Information Systems Security Professional (CISSP?) and related concentrations, Certification and Accreditation Professional (CAP?), Systems Security Certified Practitioner (SSCP?), and Certified Secure Software Lifecycle Professional (CSSLPcm) credentials to those meeting necessary competency requirements. (ISC)² certifications are among the first information technology credentials to meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers a continuing professional education program, a portfolio of education products and services based upon (ISC)2’s CBK®, a compendium of information security topics, and is responsible for the (ISC)² Global Information Security Workforce Study. More information is available at

# # #

© 2008, (ISC)2 Inc. (ISC)², CISSP, ISSAP, ISSMP, ISSEP, and CAP, SSCP and CBK are registered marks of (ISC)², Inc.

Note to editors:

For further information or to speak to (ISC)2 please contact:

Teresa Horscroft
Independent PR Consultant
Direct tel: +44 (0)1420 564346
Mob: +44 (0)7990 520390
skype name: teresa.horscroft

This press release was distributed by ResponseSource Press Release Wire on behalf of Eureka Communications in the following categories: Computing & Telecoms, for more information visit