Certified Application Security Engineer (.NET)

• Module 01: Understanding Application Security, Threats, and Attacks
• Module 02: Security Requirements Gathering
• Module 03: Secure Application Design and Architecture
• Module 04: Secure Coding Practices for Input Validation
• Module 05: Secure Coding Practices for Authentication and Authorization
• Module 06: Secure Coding Practices for Cryptography
• Module 07: Secure Coding Practices for Session Management
• Module 08: Secure Coding Practices for Error Handling
• Module 09: Static and Dynamic Application Security Testing (SAST & DAST)
• Module 10: Secure Deployment and Maintenance

• Module 01: Understanding Application Security, Threats, and Attacks
• Module 02: Security Requirements Gathering
• Module 03: Secure Application Design and Architecture
• Module 04: Secure Coding Practices for Input Validation
• Module 05: Secure Coding Practices for Authentication and Authorization
• Module 06: Secure Coding Practices for Cryptography
• Module 07: Secure Coding Practices for Session Management
• Module 08: Secure Coding Practices for Error Handling
• Module 09: Static and Dynamic Application Security Testing (SAST & DAST)
• Module 10: Secure Deployment and Maintenance

• Total Questions: 50
• Duration: 2 hours
• Format: Multiple choice
• Passing Score: 70%
• Available On: EC-Council Exam Portal

Eligibility Criteria: Complete official training through an EC-Council Authorized Partner (such as iLearn, iWeek, or an Accredited Training Center). Note: A non-refundable application fee of USD 100 applies unless included in your training package.
Hold a valid ECSP (.NET/Java) certification in good standing (application fee waived).
Have at least 2 years of work experience in information security or software development. (Application fee: USD 100, non-refundable).
Possess an equivalent industry-recognized certification (e.g., GSSP .NET/Java). (Application fee: USD 100, non-refundable).