EC-Council Certified Application Security Engineer (CASE) Java + Exam voucher

Individuals involved in the role of developing, testing, managing, or protecting a wide area of applications or individuals hoping to become application security engineers/analysts/testers

After completing this course you should be able to:

• Understand secure SDLC and secure SDLC models in-depth
• Apply the knowledge of OWASP Top 10, threat modelling, SAST and DAST
• Capture security requirements of an application in development
• Define, maintain and enforce application security best practices
• Perform manual and automated code review of application
• Conduct application security testing for web applications to assess the vulnerabilities
• Drive the development of a holistic application security program
• Rate the severity of defects and publishing comprehensive reports detailing associated risks and mitigations
• Work in teams to improve security posture
• Use Application security scanning technologies such as AppScan, Fortify, WebInspect, static application security testing (SAST), dynamic application security testing (DAST), single sign-on, and encryption
• Follow secure coding standards that are based on industry-accepted best practices such as OWASP Guide, or CERT Secure Coding to address common coding vulnerabilities.
• Create a software source code review process that is a part of the development cycles (SDLC, Agile, CI/CD)

To be eligible to apply to sit for the CASE exam the candidate must either:

• Attend the official EC-Council CASE training through an accredited EC-Council Partner (Accredited Training Centre/ iWeek/ iLearn) (All candidates are required to pay the USD100 application fee unless your training fee already includes this) or
• Be an ECSP (.NET/ Java) member in good standing or
• Have a minimum of 2 years working experience in InfoSec/ Software domain or
• Have any other industry equivalent certifications such as GSSP .NET/Java

International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 200,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

“Our lives are dedicated to the mitigation and remediation of the cyber plague that is menacing the world today “

Jay Bavisi

President & CEO

EC-Council

Our certification programs are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Council’s Certified Ethical Hacking (CEH), Network Security Administrator (ENSA), Computer Hacking Forensics Investigator (CHFI), Disaster Recovery Professional (EDRP), Certified Security Analyst (E|CSA) and Licensed Penetration Tester(LPT) program for meeting the 4011, 4012, 4013A, 4014, 4015 and 4016 training standards for information security professionals and most recently EC-Council has received accreditation from the American National Standards Institute (ANSI).