AppSec & DevSecOps Certifications

In the rapidly evolving field of software development, securing applications and integrating security into every stage of the development lifecycle is crucial. My AppSec and DevSecOps certifications demonstrate my expertise in implementing robust security measures, ensuring code integrity, and fostering a culture of security within development teams. These credentials validate my ability to bridge the gap between development and operations, ensuring that security is a core component of the software development process.

These certifications have been sorted in order of recency, showcasing my most recent accomplishments first.

Certified Secure Software Lifecycle Professional (CSSLP)

  • The vendor-neutral CSSLP credential validates that software professionals have the expertise to incorporate security practices – authentication, authorization and auditing – into each phase of the software development lifecycle, from software design and implementation to testing and deployment. CSSLP confirms one’s knowledge to reduce loss of revenue and reputation due to a breach resulting from insecure software, while enhancing the credibility of an organization and its development team.

    • Secure Software Coding

    • Secure Software Concepts

    • Secure Software Design

    • Secure Software Implementation

    • Secure Software Requirements

    • Secure Software Testing

    • Software Acceptance

    • Software Deployment Operations

    • Software Disposal

    • Software Maintenance

    • Software Supply Chain

  • August 28, 2023

  • August 31, 2026

Certified Container Security Expert (CCSE)

  • The CCSE credential validates the practical expertise to understand, implement and manage the container security program in an organization. A CCSE can assess the current state of container security, securely manage container security workloads, manage vulnerabilities and improve the overall Maturity Level. The CCSE certification demonstrates the ability to use container security tools, techniques, and tactics to audit, secure, and monitor containers in production environments.

    • Application Security

    • Container Breakouts

    • Container Registry Security

    • Container Runtime Security

    • Container Security

    • Container Security Misconfigurations

    • Container Security NIST

    • Container Security Tools

    • DAST (Dynamic Analysis)

    • DevOps Engineer

    • DevSecOps Engineer

    • Docker Registry Security

    • Docker Security

    • Product Security

    • Product Security Engineer

    • SCA

    • SAST (Static Application Security Testing)

    • Security as Code

    • Vulnerability Management

  • June 22, 2022

  • This certificate does not expire.

Certified DevSecOps Professional (CDP)

  • The CDP credential validates the practical expertise to understand, implement and manage the DevSecOps program in an organization. A CDP can assess the current state of DevSecOps, embed security as part of DevOps, manage vulnerabilities and improve the overall Maturity Level. CDP holders can also identify gaps in secure SDLC implementation, Implement security as part of DevOps using Software Component Analysis, Static Analysis, Dynamic Analysis tools, Infrastructure as Code & Compliance as code.

    • Ansible

    • Application Security

    • CI/CD Pipelines

    • Compliance as Code

    • DAST (Dynamic Application Security Testing)

    • DevOps Security

    • DevSecOps

    • DevSecOps Engineer

    • Infrastructure as Code

    • Product Security

    • SAST (Static Application Security Testing)

    • SCA (Software Component Analysis)

    • Secure DevOps

    • Secure SDLC

    • Security as Code

    • Vulnerability Management

  • February 22, 2022

  • This certificate does not expire.

InsightAppSec Certified Specialist

  • This certification validates expertise in using InsightAppSec to identify, monitor, and mitigate web application vulnerabilities. This certification equips professionals with the skills to effectively deploy and configure InsightAppSec, perform comprehensive security assessments, and interpret results to enhance web application security.

    • Automation and Integration

    • Best Practices and Compliance

    • Deployment and Configuration

    • Results Analysis and Reporting

    • Security Assessment Execution

    • Understanding InsightAppSec Architecture

  • May 26, 2021

  • This certificate does not expire.