eWDP Certification

eLearnSecurity Web Defense Professional



The eLearnSecurity Web Defense Professional (eWDP) is a senior-level, practical web defense certification that proves a cyber security professional’s defense domain capabilities.


eWDP is different from your standard cyber security exam. Here’s how:

  • Tests a candidate’s understanding of web application security defense theory through a challenging multiple choice pre-exam.
  • Ensures that candidates can identify and propose valid solutions to vulnerable web applications through a practical, hands-on examination.
  • Challenges candidate to assess and mitigate findings from a penetration test report
  • Pushes candidates to autonomously validate security fixes through proof-of-concept exploits
  • Compels candidates to demonstrate the impact of security issues to development teams and managers
  • Ensures that the candidate can mitigate security issues even when changing the code is not possible through virtual patching
Knowledge Domains

By passing the eWDP, your skills in the following areas will be assessed and certified:

  • Information Gathering
  • Configuration Management
  • Authentication and Authorization
  • Session Management
  • Applied Security Principles
  • Virtual Patching
  • Intrusion Detection
  • Logic Flaws
  • Data Validation
  • Cryptography
  • Denial of Service
  • Web Services
  • Client Side and Phishing
  • Error Handling and Logging

eWDP was designed for individuals that possess a deep understanding of web application defense. Everyone can attempt the certification exam, however here are the advised skills necessary for a successful outcome:

  • Solid understanding of the content provided in the learning path
  • Identify vulnerabilities when looking at a web application
  • Identify vulnerabilities when looking at source code
  • Fix vulnerabilities in the code
  • Virtually patch vulnerabilities without modifying the code
The exam

eLearnSecurity’s eWDP is the only certification for web defenders that evaluates your practical abilities through a real world engagement.

eLearnSecurity’s eWDP is divided in two steps: a theoretical, multiple choice assessment through a multiple choice test and a practical exam. Both tests can be taken online and on-demand.

Certification Process

There are two ways to become an eWDP:

1. Obtain voucher by enrolling in INE’s Practical Web Defense learning path

INE’s Practical Web Defense (PWD) learning path prepares you for the eWDP exam with the necessary theory and a number of hands-on practical challenges similar to the final exam.


2. Attempting the certification without training

The candidate that feels prepared enough to demonstrate their practical and professional skills during the exam, can purchase an eWDP voucher and go through the certification process at their own risk.

Whether you are attempting the eWDP certification exam on your own or after having attended one of our approved training courses, you will need to follow these steps to get a certificate:

Whether you are attempting the certification exam on your own or after completing one of our approved learning paths, you will need to purchase an exam voucher before you can start your certification process. Once you obtain the voucher you will receive login credentials to our Certification area where you will manage the exam, the VPN credentials, and any other materials related to the certification process.

Regular vouchers expire after 180 days from purchase.

Before the certification expires, you will have to begin the certification process by clicking on “Begin certification process”. The expiration date will always be available in your certification area and reminder emails are sent to make sure you take advantage of the voucher.

The eWDP is a two-part certification. The first part consists of a theoretical multiple choice quiz, you will have 90 minutes to take it and it requires an 75% or above to pass. Please note that if you do not pass the first part, or submit your quiz on time, you will not be able to the second stage and will lose your voucher with no free retakes. Additionally, the first part of the eWDP counts as 30% of the total grade.

Upon successful completion of the first part, you will then be able to proceed to the second part of the certification process, which is purely practical and counts for 70% of your total grade. You will have to submit a report for this stage and an instructor will review your report. Please reference your Letter of Engagement in your Member’s Area for more details.

Once you have completed the exam portion, it’s time to finalize your report. This should be a commercial grade report proving all of your findings and providing remediation steps for your client. You must submit your report within 14 days from the beginning of the certification process (step 2), in PDF format for review.

You are awarded the certification after an eLearnSecurity instructor carefully reviews your findings and deems your work sufficient. Should you fail the first attempt, you will receive valuable feedback from our instructors. You will then have one free attempt to re-take the certification.

This exam is manually graded. Once submitted, it may take up to 30 days to receive your results.