What do you think?
Rate this book
Official (ISC) 2 Guide to the CSSLP CBK, Second Edition ((ISC) 2 Press) by Mano Paul
Application vulnerabilities continue to top the list of cyber security concerns. While attackers and researchers continue to expose new application vulnerabilities, the most common application flaws are previous, rediscovered threats. For example, SQL injection and cross-site scripting (XSS) have appeared on the Open Web Application Security Project (OWASP) Top 10 list year after year over the past decade. This high volume of known application vulnerabilities suggests that many development teams do not have the security resources needed to address all potential security flaws and a clear shortage of qualified professionals with application security skills exists. Without action, this soft underbelly of business and governmental entities has and will continue to be exposed with serious consequences—data breaches, disrupted operations, lost business, brand damage, and regulatory fines. This is why it is essential for software professionals to stay current on the latest advances in software development and the new security threats they create.Recognized as one of the best application security tools available for professionals involved in software development, the Official (ISC) 2 Guide to the CSSLP CBK , Second Edition , is both up-to-date and relevant, reflecting the latest developments in this ever-changing field and providing an intuitive approach to the CSSLP Common Body of Knowledge (CBK). It provides a robust and comprehensive study of the 8 domains of the CBK, covering everything from ensuring software security requirements are included in the software design phase to programming concepts that can effectively protect software from vulnerabilities to addressing issues pertaining to proper testing of software for security, and implementing industry standards and practices to provide a high level of assurance that the supply chain is secure—both up-stream. The book discusses the issues facing software professionals today, such as mobile app development, developing in the cloud, software supply chain risk management, and more.Numerous illustrated examples and practical exercises are included in this book to help the reader understand the concepts within the CBK and to enable them to apply these concepts in real-life situations. Endorsed by (ISC) 2 and written and reviewed by CSSLPs and other (ISC) 2 members, this book serves as an unrivaled study tool for the certification exam and an invaluable career reference. Earning your CSSLP is an esteemed achievement that validates your efforts in security leadership to help your organization build resilient software capable of combating the security threats of today and tomorrow.
Hardcover
First published August 20, 2013
18 people are currently reading
7 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 4 of 4 reviews
March 21, 2021
Lots of deep useful information
Recommended for anyone planning to take the CSSLP exam , have some editing errors, but still it is an excellent reference full of information and useful content
Recommended for anyone planning to take the CSSLP exam , have some editing errors, but still it is an excellent reference full of information and useful content
January 2, 2022
Very outdated at this point and poorly edited, but the only official study guide. Pair with the All-in-One book (which is getting a new edition in 2022) and be sure to review the syllabus put out by (ISC)² for more recent topics. Passed the exam with those two books.
June 1, 2023
Good coverage
This book provides good coverage of the material. There are some obvious typographical errors, though. The answer key in the back has some mistakes.
This book provides good coverage of the material. There are some obvious typographical errors, though. The answer key in the back has some mistakes.
Read
May 25, 2015Good coverage to prep for the exam. It really goes from the basics to deeper knowledge.
However, there were many errors for the review questions, spelling and grammar. Really difficult to understand how a book that focuses on quality can be published with so many obvious errors.
However, there were many errors for the review questions, spelling and grammar. Really difficult to understand how a book that focuses on quality can be published with so many obvious errors.
Displaying 1 - 4 of 4 reviews