CISSP Mastery
Back to Software Development Security
8.2 ~40 min

Identify and apply security controls in development ecosystems

Overview

Secure the toolchain: language/library/tooling choices, IDEs and runtime, CI/CD, configuration management, code repositories, and application security testing (SAST, DAST, SCA, IAST).

Key topics to master

  • Programming languages, libraries, tool sets, IDE, runtime
  • CI/CD; software configuration management
  • Code repositories
  • App security testing: SAST, DAST, SCA, IAST
Read moreOpen the study library Knowledge checkPractice Domain 8 questions
Previous · 8.1Integrate security in the Software Development Life Cycle (SDLC)Next · 8.3Assess the effectiveness of software security