APP DEFENSE ALLIANCE
Cloud Application Security Assessment (CASA)

Google CASA
As an Authorized Lab for CASA, NST Cyber follows a multi-faceted & comprehensive assessment methodology based on OWASP Application Security Verification Standard (ASVS).
With Google (CASA Framework User) Initiated Assessments, NST Cyber as an authorized assessor verifies the app for CASA assurance level 2 or 3.
What to expect
Depending on the applicable set of controls, a combination of active and passive assessment methods will be adopted by NST Cyber for your Google CASA assessment. This might include Manual Penetration testing, Automated Scanning, Configuration Audit, and Security Architecture Review, and Secure Code Review.
CASA Self-Initiated Assessment
Developers can independently use the CASA framework to test the level of assurance of their applications and give their users more protection and confidence in the security posture of the applications they use. NST Cyber can help you in validating and declaring your apps security posture with CASA Tier 3 Self-Initiated Assessment.
As an Authorized Assessor, NST Cyber will give you a Letter of Validation (LOV) once your self-initiated Tier 3 evaluation has been completed. With the LOV in hand, you can proudly announce to the world that your app has been independently verified by the App Defense Alliance on both your app and website. Additionally, the CASA certificates will be available in App Defense Alliance directory as well.
Tier 3 Assessment
For Google or Developer Initiated Tier 3 CASA assessments, as an authorized lab NST Cyber will test and validate all CASA requirements and publish the Letter of Validation (LOV) once completed.
Tier 2 Assessment
NST Cyber provide end to end support in assessment and validation in case of Google initiated Tier 2 CASA assessment if developer opted for assessment and verification by an authorized lab.
CASA and OWASP ASVS
App Defense Alliance (ADA) uses CASA framework as a basis for testing cloud application technical security controls based on the OWASP Application Security Verification Standard (ASVS).
Know more about App Defense Alliance (ADA) and CASA:
https://appdefensealliance.dev/casa
EMPOWERING CUSTOMERS ACHIEVE SUCCESS IN
Google or Self-Initiated Cloud Application Security Assessment (CASA)
Critical Business Impacting Findings
Weekly Project Updates
Fortnightly Project Sync-up meetings
Initial Assessment Debriefing Meeting
Project Closure Meeting
Powered by NST Assure
You are always in control of managing your security assessment projects, remediation process, and revalidation assessments with NST Assure’s powerful collaboration and orchestration features.
- Be in line with security assessment process
- Holistic view of the threat posture for any or all assessment projects
- Real-time Collaboration with your Security Assessment Team
- Schedule Report walkthroughs or Debrief sessions at your convenience
- Secure Download of assessment reports and trackers
- Understand risk to compliance requirements before it is too late
- Focus on what needs attention and cut the noise
- Demonstrate ROIs and security posture to Executive teams