logo

EC-Council Course

course overview

Click to View dates & book now

Overview

The Certified Application Security Engineer (CASE) credential is developed in partnership with large application and software development experts globally. The CASE credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment.

The CASE certified training program is developed concurrently to prepare software professionals with the necessary capabilities that are expected by employers and academia globally.It is designed to be a hands-on, comprehensive application security course that will help software professionals create secure applications. The training program encompasses security activities involved in all phases of the Software Development Lifecycle (SDLC): planning, creating, testing, and deploying an application.

Unlike other application security trainings, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post development phases of application development. This makes CASE one of the most comprehensive certifications on the market today. It is desired by software application engineers, analysts, testers globally, and respected by hiring authorities.

 

Audience

Individuals involved in the role of developing, testing, managing, or protecting a wide area of applications or individuals hoping to become application security engineers/analysts/testers

Skills Gained

After completing this course you should be able to:

  • Understand secure SDLC and secure SDLC models in-depth
  • Apply the knowledge of OWASP Top 10, threat modelling, SAST and DAST
  • Capture security requirements of an application in development
  • Define, maintain and enforce application security best practices
  • Perform manual and automated code review of application
  • Conduct application security testing for web applications to assess the vulnerabilities
  • Drive the development of a holistic application security program
  • Rate the severity of defects and publishing comprehensive reports detailing associated risks and mitigations
  • Work in teams to improve security posture
  • Use Application security scanning technologies such as AppScan, Fortify, WebInspect, static application security testing (SAST), dynamic application security testing (DAST), single sign-on, and encryption
  • Follow secure coding standards that are based on industry-accepted best practices such as OWASP Guide, or CERT Secure Coding to address common coding vulnerabilities.
  • Create a software source code review process that is a part of the development cycles (SDLC, Agile, CI/CD)

Prerequisites

To be eligible to apply to sit for the CASE exam the candidate must either:

  • Attend the official EC-Council CASE training through an accredited EC-Council Partner (Accredited Training Centre/ iWeek/ iLearn) (All candidates are required to pay the USD100 application fee unless your training fee already includes this) or
  • Be an ECSP (.NET/ Java) member in good standing or
  • Have a minimum of 2 years working experience in InfoSec/ Software domain or
  • Have any other industry equivalent certifications such as GSSP .NET/Java

Outline

EC Council.pngInternational Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 145 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 200,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

“Our lives are dedicated to the mitigation and remediation of the cyber plague that is menacing the world today “

Jay Bavisi

President & CEO

EC-Council


Our certification programs are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Council’s Certified Ethical Hacking (CEH), Network Security Administrator (ENSA), Computer Hacking Forensics Investigator (CHFI), Disaster Recovery Professional (EDRP), Certified Security Analyst (E|CSA) and Licensed Penetration Tester(LPT) program for meeting the 4011, 4012, 4013A, 4014, 4015 and 4016 training standards for information security professionals and most recently EC-Council has received accreditation from the American National Standards Institute (ANSI).

Talk to an expert

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are availaible as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.