Certified Application Security Engineer (C|ASE)

Certified Application Security Engineer (C|ASE)

Many globally recognizable retail outlets have dealt with enormous data breaches recently because they ignored application security. Billion-dollar companies with global footprints have faced massive data leakage, including their customers’ and employees’ personal and financial information, because their applications were faulty. Retail giants like Forever 21, GameStop, Panera Bread, Sonic, KMart, and Hudson Bay (Saks Fifth Avenue) are a few on the list of retailers with thousands of outlets that used POS machines or payment gateways that allegedly resulted in information theft. There are many more modern, digital platforms like Uber, Yahoo, Dropbox, Adobe, LinkedIn, and Tumblr who also faced similar breaches, owing to the same reason: lack of application security.


  • Module 1: Understanding Application Security, Threats, and Attacks
  • Module 2: Security Requirements Gathering
  • Module 3: Secure Application Design and Architecture
  • Module 4: Secure Coding Practices for Input Validation
  • Module 5: Secure Coding Practices for Authentication and Authorization
  • Module 6: Secure Coding Practices for Cryptography
  • Module 7: Secure Coding Practices for Session Management
  • Module 8: Secure Coding Practices for Error Handling
  • Module 9: Static and Dynamic Application Security Testing (SAST & DAST)
  • Module 10: Secure Deployment and Maintenance


Who is it for?

CASE is for Java developers with a minimum of 2 years of experience and individuals who want to become application security engineers/ analysts/ testers.


Training Duration

3 days (24 hours)


About the Exam

Number of Questions: 50

Test Duration: 2 hours

Test Format: Multiple Choice Questions

Passing Score: 70%