The CASE exam can be challenged after attending the official CASE training. Candidates that successfully pass the exam will receive their CASE certificate and membership privileges. Members are expected to adhere to the policies of EC-Council’s Continuing Education Requirements.

Attaining the Certified Application Security Engineer:

CASE allows application developers and testers to demonstrate their mastery of the knowledge and skills required to handle common application software security vulnerabilities.

Exam Title: Certified Application Security Engineer
Number of Questions: 50
Test Duration: 2 Hours
Test Format: Multiple Choice
Availability: EC-Council Exam Portal

Eligibility Criteria

To be eligible to challenge the CASE Exam, the candidate must either:

  • Complete the official EC-Council CASE training through an accredited EC-Council Partner (Accredited Training Centre/ iWeek/ iLearn) (All candidates are required to pay the USD100 application fee unless your training fee already includes this) or
  • Be an ECSP (.NET/ Java) member in good standing (you need not pay a duplicate application fee, as this fee has already been paid) or
  • Have a minimum of 2 years working experience in InfoSec/ Software domain (you will need to pay USD 100 as a non-refundable application fee) or
  • Have any other industry equivalent certifications such as GSSP .NET/Java (you will need to pay USD 100 as a non-refundable application fee

Related Courses


Certified Application Security Engineer certification tests major security skills necessary across software development life cycle and concentrating on significance of the execution of safe methodologies and practices in current unsafe operating environment.
Passing score is 70%