The Certified Application Security Engineer (CASE) certified training program prepares software professionals with a hands-on, comprehensive application security course that will help you create secure applications.

.NET is the Microsoft programming platform for both Windows applications and Web programming. The ubiquitous nature of Windows, secure .NET programming is clearly a critical skillset. CASE.Net will teach you the skills to write secure .NET applications.

The CASE credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment.

The training program encompasses security activities involved in all phases of the SDLC: planning, creating, testing, and deploying an application.

Unlike other application security training, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post-development phases of application development.

Training includes

  • Instructor-led, streaming video training modules – 1-year access
  • Official EC-Council e-courseware – 1-year access
  • iLabs, virtual lab platform – 6 months access
  • Certification exam voucher
  • Certificate of attendance

Course outline

  • Understanding application security, threats, and attacks
  • Security requirements gathering
  • Secure application design and architecture
  • Secure coding practices for input validation
  • Secure coding practices for authentication and authorization
  • Secure coding practices for cryptography
  • Secure coding practices for session management
  • Secure coding practices for error handling
  • Static and Dynamic Application Security Testing (SAST & DAST)
  • Secure deployment and maintenance

Who is it for

  • .NET Developers with a minimum of 2 years of experience and individuals who want to become application security engineers/analysts/testers
  • Individuals involved in the role of developing, testing, managing, or protecting wide area of applications


To be eligible to apply to sit for the CASE Exam, the candidate must either:

  • Attend the official EC-Council CASE training through an accredited EC-Council Partner or
  • Be an ECSP (.NET/ Java) member in good standing or
  • Have a minimum of 2 years working experience in InfoSec/ Software domain or
  • Have any other industry equivalent certifications such as GSSP .NET/Java

Duration: 24 hours or 3 full-day sessions

Cost: $1,900 + HST

ORION Flexible Online Training courses are exclusively for ORION constituents. Organizers have the right to restrict access to online resources accordingly.


For more information, please contact ORION’s Community Development team at