Who should take this exam?

CAP is intended to be taken by application security engineers, application developers, SOC analysts, penetration testers, red and blue team members and any appsec enthusiast, who wants to evaluate and advance their knowledge.

What is the format of the exam?

The exam includes Multiple Choice Questions (MCQs) covering the syllabus. The time duration of the exam is 60 minutes. The exam will be proctored but can be taken online, anytime (on-demand) and from anywhere. The exam will cover a variety of questions which are both factual and scenario based. The exam focuses on core concepts and is language or technology agnostic.

What is the pass criteria for the exam?

• Attendees scoring over 60% marks will be deemed to have successfully passed the exam.
• Attendees scoring over 75% marks will be deemed to have passed with a merit.

What is the experience needed to take the certification?

This is an intermediate-level course. Attendees should have prior knowledge (both theoretical and practical) of common application security related topics such as the OWASP Top 10 issues, common security misconfigurations, best security practices, defense-in-depth measures as well as an overview of how vulnerabilities can be exploited in the real world scenario.

What will the attendees get?

On completing the exam, each attendee will receive:

• A certificate with their pass/fail and merit status.
• The certificate will contain a code/QR link, which can be used by anyone to validate the certificate.

What is the exam retake policy?

Candidates who fail the exam, must purchase a new exam voucher to retake the exam.

What are the benefits of this certification?

The certificate will allow attendees to demonstrate their understanding of application security topics. This will help them to advance in their career.