An information security training firm announced on Wednesday it will offer a new security certification for software professionals in 2009 aimed at reducing the number of vulnerabilities in applications, one of the most common ways hackers gain access to systems.
ISC2, which has trained and certified more than 50,000 information security professionals, said it will begin offering in June 2009 an exam to security specialists interested in receiving the firm’s Certified Secure Software Lifecycle Professional designation. The CSSLP will establish best practices and will validate an individual’s competency in addressing security issues that occur during the life cycle of software development and use.
More than 70 percent of computer security vulnerabilities can be found in software applications, such as databases, word processors, spreadsheets and even security programs themselves, according to research firm Gartner. These vulnerabilities frequently are the result of poorly written code.