CSSLP: (ISC)² CSSLP
Browse certifications
Exam Resources
Official learning paths, exam details, skills measured, and community resources to supplement your study.
About the CSSLP Exam
Build security into every phase of software development
The (ISC)² Certified Secure Software Lifecycle Professional certification validates expertise in incorporating security into each phase of the software development lifecycle, from concept through retirement.
Who Should Take This Exam?
The CSSLP is designed for experienced professionals seeking advanced validation. 2+ years of hands-on experience recommended.
Typical study time: 8-12 weeks of intensive study
Exam Quick Facts
| Detail | Value |
|---|---|
| Exam Code | CSSLP |
| Title | (ISC)² CSSLP |
| Duration | 180 minutes |
| Questions | 125 |
| Pass Score | 700 / 1000 |
| Cost | $599 USD |
| Provider | Pearson VUE |
| Validity | 3 years (CPE required) |
| Question Types | Multiple choice, Advanced innovative |
Exam Domains & Weights
The CSSLP exam covers 8 domains. Focus your study time based on the weights below — higher-weighted domains have more exam questions.
| Domain | Weight | Practice Qs |
|---|---|---|
| Secure Software Concepts | 12% | 24 |
| Secure Software Lifecycle Management | 11% | 22 |
| Secure Software Requirements | 13% | 26 |
| Secure Software Architecture and Design | 15% | 30 |
| Secure Software Implementation | 14% | 28 |
| Secure Software Testing | 14% | 28 |
| Secure Software Deployment, Operations, and Maintenance | 11% | 22 |
| Secure Software Supply Chain | 10% | 20 |
| Total | 100% | 200 |
💡 Study tip: Secure Software Architecture and Design carries the most weight (15%) — start there. Secure Software Supply Chain has the least (10%), but don’t skip it — exam questions can come from any domain.
Practice Exam — 200 Questions
Prepare for the CSSLP with our 200-question practice exam covering all 8 exam domains. Every question includes detailed explanations and maps to official exam objectives.
What you get:
- ✅ Exam simulation mode with timer
- ✅ Spaced repetition for weak areas
- ✅ Detailed explanations for every question
- ✅ Progress tracking across domains
- ✅ 20 free questions — no account needed
ISC² Certification Path
Start with CC (Certified in Cybersecurity) for entry-level, then SSCP for technical security, then CISSP for management. CISSP concentrations (ISSAP, ISSEP, ISSMP) come after CISSP.
Related ISC² Certifications
If you’re studying for the CSSLP, you might also be interested in these ISC² certifications:
- CC: (ISC)² Certified in Cybersecurity — 200 practice questions
- CCSP: (ISC)² CCSP — 200 practice questions
- CGRC: (ISC)² CGRC — 200 practice questions
- CISSP-ISSAP: (ISC)² CISSP-ISSAP — 200 practice questions
- CISSP-ISSEP: (ISC)² CISSP-ISSEP — 200 practice questions
Study Tips
- Start with the heaviest domain — focus your time where the exam focuses its questions
- Use our practice exam — try the 20 free questions first to gauge your readiness
- Review explanations — don’t just check if you got it right; read why each answer is correct
- Simulate exam conditions — use the timed exam mode to practice under pressure