The Certified Application Security Engineer (CASE) focuses on secure application software development processes. It is a, hands-on, comprehensive application security course hat will help you create secure application software.
This course encompasses security activities involved in all phases of the Secure Software Development Lifecycle (SDLC): planning, creating, testing, and deploying an application.
Unlike other application security trainings, CASE goes beyond just the guidelines on secure coding practices to include secure requirement gathering, robust application design, and handling security issues in post development phases of application development.
COURSE DESCRIPTION (continued)
The CASE certification exam and training program prepare application security engineers, analysts, testers, and anyone with exposure to any phase of SDLC to build secure applications that are robust enough to meet today’s challenging operational environment by focusing not just on secure coding, but much more.
This makes CASE one of the most comprehensive certifications on the market today. It’s desired by software application engineers, analysts, testers globally, and respected by hiring authorities.
WHO SHOULD ATTEND
The CASE training and certification is intended for:
(1) .NET Developers with a minimum of 2 years of experience and individuals who want to become application security engineers/analysts/testers.
(2) Individuals involved in the role of developing, testing, managing, or protecting applications
The CASE exam can be challenged after attending the official CASE training. Candidates that successfully pass the exam will receive their CASE certificate and membership privileges. Members are expected to adhere to the policies of EC-Council’s Continuing Education Requirements.
Exam title: Certified Application Security Engineer .NET
Exam Code: CASE .NET
Number of questions: 50 MCQ
Duration: 2 hours
Availability: ECC exam
01 : Understanding Application Security, Threats, and Attacks
02 : Security Requirements Gathering
03 : Secure Application Design and Architecture
04 : Secure Coding Practices for Input Validation
05 : Secure Coding Practices for Authentication and Authorization
COURSE PLAN (continued)
06 : Secure Coding Practices for Cryptography
07 : Secure Coding Practices for Session Management
08 : Secure Coding Practices for Error Handling
09 : Static and Dynamic Application Security Testing (SAST & DAST)
10 : Secure Deployment and Maintenance