CSSLP: Secure Software Testing

This course is included in our On-demand training solution.


It’s not enough to integrate secure coding into your software designs; it’s equally important to test that your controls function properly. In this course, you’ll learn best practices for testing for security and quality assurance, including artifact testing, functional and nonfunctional testing, and bug tracking. This course also covers some of the essential testing types, such as penetration testing, scanning, simulation testing, failure testing, and cryptographic validation. Finally, you’ll explore options for dealing with test results, such as the importance of impact assessments and the corrective actions you can take with less-than-perfect results. This course is one of a series in the Skillsoft learning path that covers the objectives for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

Target Audience

Individuals interested in secure software lifecycle design concepts and methodologies; candidates for the CSSLP exam



Expected Duration

90 min.

Course Objectives

Course Introduction

Testing Artifacts

  • recognize characteristics of testing artifacts

Functional Testing

  • identify characteristics of functional testing

Nonfunctional Testing

  • distinguish between nonfunctional testing methods

Security Testing

  • distinguish between white-, grey-, and black-box testing

Environment

  • identify environment best practices for ensuring secure software testing

Bug Tracking

  • distinguish between bug tracking states

Attack Surface Validation

  • recognize characteristics of attack surface validation for software testing

Standards

  • distinguish between testing standards for software quality assurance

Penetration

  • identify the four steps in the penetration process

Fuzzing

  • recognize characteristics of the fuzzing method

Scanning

  • recognize characteristics of scanning

Simulation Testing

  • recognize characteristics of simulation testing

Failure Testing

  • recognize characteristics of testing for failure

Cryptographic Validation

  • recognize characteristics of cryptographic validation

Regression Testing

  • recognize characteristics of regression testing

Continuous Testing

  • recognize characteristics of continuous testing

Impact Assessment

  • recognize characteristics of impact assessment

Corrective Action

  • recognize options for addressing bugs

Test Data Lifecycle Management

  • identify best practices in test data lifecycle management

Exercise: Identifying Secure Testing Techniques