CSSLP Domain 7: Secure Software Deployment, Operations, Maintenance - podcast episode cover

CSSLP Domain 7: Secure Software Deployment, Operations, Maintenance

InfosecTrain
Dec 15, 20226 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

(ISC)² ® CSSLP  Domain 7: Secure Software Deployment, Operations, Maintenance (12%)

CSSLP’s seventh domain accounts for 12% of the exam weightage. This domain explores the deployment process. When an application is developed, the next step is to arrange its deployment, which requires a safe environment in which the deployment process is accomplished. This domain covers continuous integration & continuous delivery (CI/CD) pipeline, secret codes that manage the application, disaster recovery, resiliency, and information security continuous monitoring (ISCM). It explains how to do patch management (e.g., secure release, testing) and vulnerability management (e.g., scanning, tracking, triaging).

This domain is further divided into:

  • Perform operational risk analysis
  • Release software securely
  • Securely store and manage security data
  • Ensure secure installation
  • Perform post-deployment security testing
  • Obtain security approval to operate
  • Perform information security continuous monitoring (ISCM)
  • Support incident response
  • Perform patch management
  • Perform vulnerability management
  • Runtime protection
  • Support continuity of operations
  • Integrate Service Level Objectives (SLO) and Service Level Agreements (SLA)

Read More: (ISC)² ® CSSLP Domain 7: Secure Software Deployment, Operations, Maintenance

For the best experience, listen in Metacast app for iOS or Android