Buy Now 200

Certified Software Security Tester – Foundation Level (CSSTF)


GSDC's Certified Software Security Tester (CSSTF) – Foundation Level certification covers much more than just penetration testing. Certainly, security testing is an important part of software development, because there are many previous incidents where organizations faced great loss because of low security. Organizations are much aware of the security-related issues but professionals who are skilled in software security testing are very less than required. Professionals who have skill sets but they are still lacking in following best practices and that's why GSDC and our advisors have created this Software Security testing Foundation level certification to give working professionals accreditation and to test their knowledge about software security testing so organizations can rely on them.

CSSTF Certification Badge


The objective of Software Security Tester Foundation certification includes a deep understanding of:

  1. Security Testing and best practices.
  2. Knowledge of security testing and deployments.
  3. Making Security Requirements.
  4. Web security, Threat modeling, Risk assessment
  5. Security Tester & Load Balancing.
  6. Tools and frameworks.

Target Audiences For Software Security Tester Foundation Certification:

Cloud Tester Foundation Certification

Software Developers

Cloud Architects

Solution Architects

Software Tester

Software Engineers

Web Developers

IT Managers

Software Consultants

DevOps Practitioners

IT Directors

Tool Providers

Product Owners


CSSTF Certification BENEFITS

After the completion of this Software Security Testing Foundation Certification, participants will be able to:

Communicate with other team members, product owners, and customers effectively.

Reduce costs and help your organizations to achieve their goals.

Gain confidence over High Speed – Quick Deployment.

Reduce errors and increase reliability.

Discover the problems early to reduce the cost of failure.



There are no such prerequisites for this Software Security Tester Foundation Certification. But Cloud Environment experience and working knowledge in software/app tester are recommended. If you are looking for an advanced level then you can go for GSDC Software Security Tester Advance Certification.

Certification Advisor



90-minutes exam.
40-multiple choice questions (MCQ).
26 out of 40. 65% is needed to pass.
In case the participant does not score the passing percentage, they will be granted a 2nd attempt at no additional cost. Re-examination can be taken up to 30 days from the date of the 1st exam attempt should Tick against only one correct answer in Multiple Choice Questions. 


Sample Certificate


Software security tester Foundation Certification EXAM SYLLABUS

1. Introduction to Security Testing

  • Software Testing Background
  • CIAA++

2. Software Application Risk

  • Software Security Risks
  • Understanding Risk
  • Threat Modeling
  • Architecture Risk Analysis
  • Risk Assessment
  • Prioritizing Security Assurance

    3. Application Security Testing

    • Types of App Security Testing
    • Discovery & Reconnaissance Analysis
    • Vulnerability Scanning
    • Security Assessments
    • Red Teaming
    • Security & Compliance Audit
    • Reconnaissance and Scanning

    4. Requirements

    • Functional Security Requirements
    • Non-Functional Security Requirements
    • Addressing Conflicts
    • Identifying Security Requirements

    4. Authentication

    • Attacks Against Authentication
    • Session IDs and Cookies
    • Authentication Testing
    • Race Conditions
    • Session Management
    • Replay Attacks
    • Cross Site Request Forgery (CSRF)
    5. Access Control
    • Methods of Testing Access Control
    • Techniques for recvoery

    6. Validation & Attacks

    • Input Validation
    • Data Validation
    • Common Attacks
    7. Database Security Testing
    •  Database Security Testing Techniques.
    • Recovery Techniques
    •  Reporting & Documentation
    8. Security Testing In Process
    • Security in an Agile Process
    • Security in a Waterfall Framework
    • Creating a Security Test Plan
    • Security Tools in a DevOps Process



    The Global Skill Development Council (GSDC) is an independent, vendor-neutral, international credentialing and certification organization for the emerging technologies:

    • Advisory board members and SMEs are from around the world, drawn from different specializations.
    • Supported by the world's most esteemed thought leaders from Yale, MIT, Stanford, Wharton, and Harvard.
    • Hub of Trending Technologies and framework certifications.
    • Content curated by Industry's best Subject matter experts.
    • Webinars and Conferences.
    • Training Partners Across The Globe.

    295 Turnpike Rd block 519, Westborough, MA 01581, USA
    Hohenstieglen 6, 8152 Glattbrugg, Switzerland +41 41444851189
    Global Skillup Certification Pte Ltd 100D Pasir Panjang Rd, #05-03 Meissa, Singapore 118520

    The Global Skill Development Council (GSDC) is an Independent, Vendor Neutral, International Credentialing and Certification Organization for Professionals.