Secure Application Development

GSSP

GIAC Secure Software Programmer (GSSP) certification exam


The GIAC Secure Software Programmer (GSSP) Certification Exam was developed in a joint effort involving the SANS Institute, CERT/CC, several US government agencies, and leading companies in the US, Japan, India, and Germany, including some secappdev faculty. The exams are a response to the rapidly increasing number of targeted attacks that exploit application vulnerabilities rather than network or infrastructure weaknesses. They help organizations meet four objectives:

  1. Identify shortfalls in security knowledge of in-house programmers and help those individuals close the gaps.
  2. Ensure outsourced programmers have adequate secure coding skills.
  3. Select new employees who will not need remedial training in secure programming.
  4. Ensure each major development project has at least one person with advanced secure programming skills.

Overview:

By passing the GSSP exams, programmers can demonstrate that they know the common security flaws found in C and Java code, and how to avoid them.

Several secappdev modules (UNIX/C Programming traps and pitfalls, Software interfaces to cryptographic algorithms, Hands-on web security, and Security architectures inside the programming language) discuss C and Java implementation issues, but none of them is designed to cover the examined body of knowledge explicitly. Candidates are therefore advised to consult the exam blueprints to make sure they are well prepared.

SANS publishes blueprints for the C and Java/JEE exams.

When planning for the exam, the SANS requirements on candidate identification and examination rules are essential reading. Candidates must register for the exam directly with SANS. Course participants can use the discount code GSSP250 and pay only 50€ for the certification.

Sample tests and a complete description of the Secure Coding Initiative can be found at the SANS Software Security Institute.