Certified Offensive AI Security Professional (COASP)Apply for Beta Exam

COASP is a hands-on, practitioner-level credential that validates your ability to ethically attack AI systems so you can defend them with engineering-grade controls.

COASP trains security professionals to think like adversaries targeting AI models, LLMs, data pipelines, and AI-powered applications – covering areas like adversarial AI, prompt injection, model manipulation, and AI-specific threat exploitation.

COASP is not about building AI models or running AI programs. It is about proving you can:

Think like an attacker inside AI systems
Uncover weaknesses across models and pipelines
Validate security controls
Reduce operational risk before deployment

This is the only credential built for offensive AI security work with outcomes you can demonstrate.

Who COASP Is Designed For

Certified Offensive AI Security Professional

COASP is designed for security professionals who wish to master offensive and defensive AI security techniques.

Offensive Security

Penetration Tester / Ethical Hacker
Red Team Operator / Red Team Lead
Offensive Security Engineer
Adversary Emulation / Purple Team Specialist

Defensive Security

SOC Analyst (Tier 2/3) / Detection Engineer
Blue Team Engineer / Threat Detection Engineer
Incident Responder (IR) / DFIR Analyst
Security Operations Manager (SOC Lead)

Threat Intelligence

Malware Analyst / Threat Researcher
Cyber Threat Intelligence (CTI) Analyst – AI Focus
Fraud / Abuse Detection Analyst (AI-enabled threats)

Security Engineering

DevSecOps / Secure DevOps Specialist
Application Security Engineer (LLM Apps / APIs)
Product Security Engineer / AI Product Security

AI/ML Engineering

ML Engineer / Applied AI Engineer
GenAI Engineer (RAG / Agents)
AI / LLM Application Developer
MLOps / AI Platform Engineer

AI Security Architecture

Secure AI Engineer / AI Security Architect
LLM Systems Engineer

COASP Exam Details

CRAGE Exam Details
Duration	6 Hours
Questions	70

Blue Print

Passing Criteria:

In order to maintain the high integrity of our certification exams, EC-Council Exams are provided in multiple forms (i.e., different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only have academic rigor but also have “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

Clause: Age Requirements and Policies Concerning Minors

Minors are not permitted to take the EC-Council exam without a written consent/indemnity letter signed by their parent or legal guardian, along with a supporting letter from their institution of learning. Only candidates from a nationally accredited institution of learning shall be considered.

Minor/Adult legal ages are defined by the country of residence/origin for the candidate. For further clarification or to submit a letter of consent, please contact [email protected]. EC-Council reserves the right to revoke the certification status of candidates in case of non-compliance with this policy.

Disclaimer:

EC-Council reserves the right to impose additional restriction to comply with the policy.
EC-Council reserves the right to modify certification policies without notice.
EC-Council reserves the right to revoke the certification of any person determined to be in breach of this policy.

FAQs:

What are the eligibility criteria to apply for the Certified Offensive AI Security Professional exam?

To be eligible to apply to sit for the Certified Offensive AI Security Professional Exam, a candidate must either:

Have a minimum of 2 years work experience in InfoSec domain (You will need to pay USD100 as a non-refundable application fee);
Or Have attended an official EC-Council training (All candidates are required to pay the $100 application fee, however your training fee shall include this fee)

Note:

As various consumer laws across the world to prohibit any type of “price fixing”, EC-Council Certification department is unable to prescribe minimum pricing for its exams. This allows a free market approach which benefits our certification community.
As the price of an exam vouchers is many times bundled with official training by our accredited partners, the price may vary depending on the region, training facilities, training partner, the trainers experience, cost of proctoring the exam and even the mode of training of the partner.
It is imperative that we make it clear that no student shall be deemed to have any added advantage whatsoever from one mode of training to another in order to challenge the Certified Responsible AI Governance & Ethics exam as the exam is a standard exam for everyone, regardless of the method of training.
Should any training partner attempt to tell you otherwise, we ask that you lodge an official complaint with the EC-Council certification department so that the necessary action can be taken against the training partner.

How long does the application process take?

On an average, application processing time would be between 5-10 working days once the verifiers on the application respond to EC-Council’s requests for information.

Is the $100 application fee refundable?

No, the $100 application fee is not refundable

For how long is the approved application valid for?

The application process is valid for 3 months from the date of approval.

Is the application form mandatory for all test takers?

Yes, the application form is mandatory for all test takers who want to take the exam directly without undergoing training.

Note: For those who are attending official training, details will be collected as part of your training through the training evaluation feedback form.

What is the next step once the application is approved?

Once your application is approved you can proceed to purchase your exam voucher from EC-Council Online Store

What is the format of the COASP exam? Where is the exam available?

The COASP exam is an MCQ (Multiple Choice Question) + Practical exam. This exam is only available at the ECC Exam Centre.

Is COASP an open book exam?

No, it’s not an open book exam.

What is the total no of questions in the COASP exam?

The exam has 70 questions.

How many MCQ and Practical questions are included in the COASP exam?

The COASP exam consists of two sections; the first section contains 65 multiple-choice questions, and the second section contains 5 hands-on practical questions.

What is the weightage of each question?

MCQs carry one mark each, and practical questions carry seven marks each.

What is the duration of the exam?

The exam duration is 360 mins (6 Hrs).

For how long is the exam voucher code valid for?

The exam voucher code is valid for 1 year from the date of receipt.

Is the exam proctored? What are the proctoring options available?

For those attempting the exam remotely through Remote Proctoring Service (RPS), The exam will be proctored remotely by an authorised proctor.

What is the passing criteria?

In order to maintain the high integrity of our certifications exams, EC-Council Exams are provided in multiple forms (I.e. different question banks). Each form is carefully analyzed through beta testing with an appropriate sample group under the purview of a committee of subject matter experts that ensure that each of our exams not only have academic rigor but also have “real world” applicability. We also have a process to determine the difficulty rating of each question. The individual rating then contributes to an overall “Cut Score” for each exam form. To ensure each form has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

How much notice is required to book a remotely proctored exam session?

Sessions should be booked at least 3 days in advance of the desired exam date.
Note: All exam sessions are proctored through EC-Council Remote Proctoring Service.

What are the important things to keep in mind before I schedule my exam with a remote proctor?

Once you are ready to proceed with your exam, please ensure you understand the below:

You need to run an equipment test.
You need to carry an identification proof.
You should hold an valid exam voucher.

Is the COASP title a part of the EC-Council Continuing Education Scheme?

Yes, the COASP is a part of the EC-Council Continuing Education Scheme.

What is the Annual Continuing Education fee of COASP certification?

USD80 per annum.

What is the retake policy?

Retake exam requests can only be purchased by writing to [email protected], should a candidate fail the exam. You can also read more about the retake policy here.