The Certified Application Security Engineer (CASE) certified training program prepares software professionals with a hands-on, comprehensive application security course that will help you create secure applications.

Java is the premier platform-independent programming language. Java programs can run on Windows, Linux, or Macintosh. Beyond that, Java is the programming language for Java apps. These facts make Java an important programming language. Secure Java programming is becoming increasingly important, particularly with Java being the language of Android apps. CASE Java will give you the skills you need to write secure Java applications.

The CASE credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment.

The training program encompasses security activities involved in all phases of the SDLC: planning, creating, testing, and deploying an application.

Unlike other application security training, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post-development phases of application development.

Training includes:

  • Instructor-led, streaming video training modules – 1-year access
  • Official EC-Council e-courseware – 1-year access
  • iLabs, virtual lab platform – 6 months access
  • Certification exam voucher
  • Certificate of attendance

Course outline:

  • Understanding application security, threats, and attacks
  • Security requirements gathering
  • Secure application design and architecture
  • Secure coding practices for input validation
  • Secure coding practices for authentication and authorization
  • Secure coding practices for cryptography
  • Secure coding practices for session management
  • Secure coding practices for error handling
  • Static and Dynamic Application Security Testing (SAST & DAST)
  • Secure deployment and maintenance

Who is it for:

  • Java Developers with a minimum of 2 years of experience and individuals who want to become application security engineers/analysts/testers
  • Individuals involved in the role of developing, testing, managing, or protecting wide area of applications


To be eligible to apply to sit for the CASE Exam, the candidate must either:

  • Attend the official EC-Council CASE training through an accredited EC-Council Partner or
  • Be an ECSP (.NET/ Java) member in good standing or
  • Have a minimum of 2 years working experience in InfoSec/ Software domain or
  • Have any other industry equivalent certifications such as GSSP .NET/Java.

Duration: 24 hours or 3 full-day sessions

Cost: $1,900 + HST

ORION Flexible Online Training courses are exclusively for ORION constituents. Organizers have the right to restrict access to online resources accordingly.


For more information, please contact ORION’s Community Development team at