Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Provider Logo

CSSLP Cert Prep: 2 Secure Software Requirements

via LinkedIn Learning


Learn how to define and validate security requirements for applications as you prepare for the second domain of the CSSLP exam: Secure Software Requirements.

Specific, achievable security requirements are critical ingredients in the creation of any application. In this course, the second installment in the CSSLP Cert Prep series, instructor Jerod Brennen dives into the subject of security requirements to prepare you for the second domain of the Certified Secure Software Lifecycle Professional (CSSLP) exam: Secure Software Requirements. Jerod discusses how to properly define what an app must be and do in order to remain secure. He covers how to approach security, privacy, and data classification requirements for applications. Plus, he goes over how to validate your requirements, including how to use a security requirement traceability matrix (SRTM) to determine how well an app adheres to your security requirements.


  • Determining security requirements
1. Security Requirements
  • Functional requirements
  • Nonfunctional requirements
  • Policy decomposition
  • Legal, regulatory, and industry
2. Privacy Requirements
  • Security vs. privacy
  • Data anonymization
  • User consent
  • Disposition
3. Data Classification Requirements
  • Data ownership
  • Labeling
  • Types of data
  • Data life cycle
4. Validating Your Requirements
  • Misuse and abuse cases
  • Software requirement specifications
  • Security requirement traceability matrix
  • Next steps

Taught by

Jerod Brennen

Related Courses


0.0 rating, based on 0 reviews

Start your review of CSSLP Cert Prep: 2 Secure Software Requirements

Never stop learning Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free