• Online, Self-Paced
Course Description
Ensuring developers understand application security needs can be overwhelming but leveraging OWASP ASVS organizations can test and prove applications meet specific levels of security. This course is designed to equip Privacy and Cybersecurity Management with the knowledge required to provide development teams with a basis for testing web application technical security controls and a list of requirements for secure development in adherence to the Application Security Verification Standard (ASVS) 3.0 standard.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills required to meet ASVS compliance requirements, including:

  • Using the ASVS to audit applications and to establish both internal and procurement metrics
  • Understanding the role of ASVS Levels and Threat profiles
  • Providing the necessary guidance and training to ensure your organization meets ASVS requirements

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Executive Cyber Leadership
  • Legal Advice and Advocacy
  • Program/Project Management and Acquisition


If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.