New Application Security Certification Launched

By Rich

We’ve been talking a lot about application security since we started this blog, and one thing we’ve been tracking closely are training and certification programs. 200903312137.jpg While we couldn’t talk about it, we’ve been quietly involved with the Institute for Certified Application Security Specialists. We reviewed the program during development, and were overall pretty impressed. It has very similar requirements to the CSSLP, but is more cost effective for security practitioners… something we can all appreciate in this economy. Believe it or not, despite my not-infrequent diatribes against various certifications, I actually went through the process myself and am fully certified. What I really appreciate is how pragmatic the program is, and how it really reflects the operational realities of application security.

You can get more information at the Institute for Certified Application Security Specialists, and as a member of the affiliate program Securosis readers receive a 10% discount.

Oh- and don’t forget to join the LinkedIn Group!

No Related Posts

[...] Rich: Looking forward to getting ASS Certification. [...]


@Rich—I made suggestions for the code of ASS ethics, so I hope that they will make me an honorary ASS.

Robert Hansen has always been a shining example of a great ASS in my book, so I hope we can all follow his lead.

@Jim—both OWASP and WASC are full of ASSes, many who simply lack the formal recognition, so this is long overdue.

If you check out the Aspect site, they have actually been hiring ASSes for some time, as have those guys over at WhiteHat Security.

@Anonymous - ROFLMAO.

By Arian

I think once the Institute store makes its exclusive gear available, you should be the first to buy an ASS hat.


Rich and Adrian, Good sugar honey ice tea. I just became a certified ASS

By Mark A

As the official OWASP Podcast Host, I endorse this cert - OWASP has no ASSes right now, but I see that WASC and Securosis are full of pros who are 100% ASS certified. I also see from the website that Jeremiah and Hansen are 2 of the leading ASS’es in the organization. Great work, I can only hope that someday, I too will be a certified ASS!

PS: You should change your name to “The ASS Institute”

By Jim Manico

PS: April Fools, just kidding! =)

By Jim Manico

I’ve said it before, and I’ll say it again… The app sec industry will turn around if the department heads spend more time listening to their ASSes.

By Lucy Lee


By Andre Gironda



By Andre Gironda

You know I don’t mean it in a mean way. But I’m amused that you went through the process to become a certified ass.

I have to ad-lib it myself, without certification :)

By Rob

If you like to leave comments, and aren’t a spammer, register for the site and email us at and we’ll turn off moderation for your account.