(ISC)2 has announced the expansion of its online self-assessment tool known as studISCope (pronounced “study scope”) to include the Certified Secure Software Lifecycle Professional (CSSLP).
studISCope provides a simulation of the (ISC)² CSSLP certification exams and also serves as a mechanism for professionals to pursue continuous self development, regardless of whether they acquire the CSSLP certification. Questions are developed using the same psychometric evaluation processes as the actual certification exam by (ISC)²-certified subject matter experts. At the conclusion of the simulation, the test taker receives his or her score, providing them with a readiness assessment and focused study plan.
“This tool is a great way for software professionals to assess their own security competency on an ongoing basis,” said Alessandro Moretti, CISSP, CSSLP, a volunteer member from Switzerland of the (ISC)2 Board of Directors and a senior risk and security executive in financial services.
“This approach to ongoing self education by software professionals will collectively contribute to better enterprise security for enterprises, given the numerous and incessant software security threats organizations face today.”
Code-language neutral, the CSSLP aims to stem the proliferation of software vulnerabilities by establishing best practices and validating an individual’s competency in addressing security issues throughout the software development lifecycle. The certification caters to a wide range of stakeholders who are involved in the software development process, including management. It is also applicable to business and technical analysts, developers, software engineers, software designers and architects, project managers, software quality assurance testers, and others involved in the software development lifecycle.
“Talk about security is everywhere within the development world, and there is recognition for the need to improve capabilities, but there is still a lot to accomplish. Moving forward begins with assessment. studISCope should prove valuable to anyone looking to develop some new, very marketable skills in this sector,” says Bola Rotibi, analyst specialising in the software sector as research director with Creative Insight Consulting.
“With application security topping the list of security concerns by information security professionals in the 2011 (ISC)2 Global Information Security Workforce Study, there is no better time for professionals to consider obtaining their CSSLP,” said Mano Paul, CISSP, CSSLP, (ISC)2 software assurance advisor and CEO of Express Certifications, the company that developed studISCope. “studISCope allows CSSLP candidates to experience the look and feel of the official certification exam as closely as possible with 300 exam questions.”
studISCope offers a personalized reporting system with learning progress indicators that provide insight into a candidate’s knowledge, strengths and weaknesses, as well as a readiness gauge that pinpoints the candidate’s comprehension level of the specific areas of the (ISC)² Candidate Information Bulletin (CIB), which outlines the information security topics covered in the CSSLP certification. These features allow candidates to identify their knowledge level efficiently in each of the CSSLP domains and focus their study efforts on areas that need the most attention. studISCope helps candidates study for the actual certification examination using three steps – assess, focus and certify.