Abstract
With recognition of the importance of web application security, there is a need for research on an action program for measurement and improvement of web application security. Therefore, the main purpose of this study was to formulate a Kaizen program suitable for measurement and improvement of web application security vulnerabilities. An improvement working procedure is introduced to implement the Kaizen program. Further, an augmented attack potential measurement method is proposed to measure the effectiveness of the formulated Kaizen program. The proposed new attack potential measurement method is considered to be an umbrella under which several novel techniques and methods are included, such as OWASP’s web application security vulnerabilities assessment method, ISO/IEC 18045 attack potential ratings method and fuzzy evaluation method. The numerical results of an example are presented to show that the augmented attack potential measurement method is not only comparable but also distinguishable. It is more reasonable and effective than the traditional method for measuring web application security improvement. Finally, conclusions are made and suggestions for future work are proposed.

To cite this document: Kuo-Sui Lin, "New Attack Potential Measurement Method to Kaizen Event for Web Application Security Vulnerabilities", International Journal of Electronic Commerce Studies, Vol.10, No.2, pp.89-112, 2019.

Permanent link to this document: http://dx.doi.org/10.7903/ijecs.1536