The existence of application innovation is important for the operations of an organization. Information security is currently a challenge in building secure applications because hacking often occurs in critical or transactional information applications, such as the financial sector. In addition to applying good programming techniques, application programmers must have information security awareness to produce secure applications. Application security vulnerabilities are caused by programmers' lack of information security awareness. In this study, the measurement of programmer information awareness is juxtaposed with testing application security vulnerabilities. Measuring the level of information security awareness using knowledge, attitude, and behavior modeling with Manage Security Services indicators on COBIT 5 as the focus area and testing application security vulnerabilities using OWASP-ZAP according to OWASP TOP 10 best practices. Data processing using Structural Equation Modeling-Partial Least Square can provide information about the effect of programmer information security awareness on application security vulnerabilities. The information becomes input in improving the competence of programmers in the field of information security. As a result of the research, some findings and discussions are given at the end of this article to achieve secure application programming through increasing awareness of information security.