CSSLP 2024: Secure Software Requirements

Skillsoft issued completion badges are earned based on viewing the percentage required or receiving a passing score when assessment is required. The Secure Software Requirements CSSLP domain spans a wide range of topics, from privacy regulations to the construction of the Security Requirements Traceability Matrix (SRTM). In this course, you'll learn to distinguish between functional and non-functional security requirements, gather security requirements across business, application, and infrastructure layers, define user requirements, and create effective user stories using the INVEST attributes. Next, explore key compliance requirements and relevant regulations, including GDPR, CCPA, HIPAA, and Sarbanes-Oxley, analyze security requirements from NIST and ISO/IEC publications, and discover how these standards help organizations maintain strong security postures. You'll learn about the principles of data governance and data classification, including how to categorize data with labels like Confidential, Internal, and Public. Finally, you'll explore the data lifecycle, covering the stages of data creation, storage, usage, retention, and disposal, with a focus on secure practices. You will also study key confidentiality models like Bell-LaPadula and Brewer-Nash, as well as integrity models like Biba and Clark-Wilson. This course prepares learners for the Certified Secure Software Lifecycle Professional (CSSLP) exam.