Analisis Kerawanan Pada Aplikasi Website Menggunakan Standar OWASP Top 10 Untuk Penilaian Risk Rating
DOI:
https://doi.org/10.56706/ik.v17i1.64Keywords:
action research, scanning vulnerability, vulnerability assessmentAbstract
Since 2011, SMA N “ABC” has implemented a web-based information system. The information system is intended as an introduction to information and learning media for students. The system has never been audited and/or tested for security, so the vulnerability is not yet known. To test the security of the SI SMA N “ABC” application, vulnerability scanning and vulnerability assessment were carried out using the Open Web Application Security Project (OWASP) Top 10 Security Risk 2017 and the Open Web Application Security Project (OWASP) Risk Rating Methodology. From the results of scanning vulnerabilities found thirteen vulnerabilities ranging from high to low categories. Based on the assessment of detected vulnerabilities, resulting in a scale of 5.72 for the possibility of vulnerabilities being exploited by attackers and a scale of 3,315 for the impact on business processes at SMA N “ABC”
References
H. P. Siagian, “ULNERABILITY ASSESSMENT PADA WEB SERVER WWW.BINADARMA.AC.ID,” Jurnal Mahasiswa Teknik Informatika., 2014, Accessed: Oct. 28, 2022. [Online]. Available: http://eprints.binadarma.ac.id/id/eprint/2018
B. Ghozali, K. Kusrini, and S. Sudarmawan, “Mendeteksi Kerentanan Keamanan Aplikasi Website Menggunakan Metode Owasp (Open Web Application Security Project) Untuk Penilaian Risk Rating,” Creative Information Technology Journal, vol. 4, no. 4, p. 264, Jan. 2019, doi: 10.24076/citec.2017v4i4.119.
R. Aditya Pratama Wijaya, A. Rahman Hakim, S. Tinggi Sandi Negara, and P. Korespondensi, “PERANCANGAN PERANGKAT AUDIT INTERNAL UNTUK SISTEM KEAMANAN INFORMASI PADA ORGANISASI XYZ,” vol. 7, no. 3, pp. 435–442, 2020, doi: 10.25126/jtiik.202071940.
“OWASP Top 10-2017,” 2003. [Online]. Available: https://github.com/OWASP/Top10/issues
I. M. Edy Listartha, I. M. A. Premana Mitha, M. W. Aditya Arta, and I. Km. W. Yuda Arimika, “Analisis Kerentanan Website SMA Negeri 2 Amlapura Menggunakan Metode OWASP (Open Web Application Security Project),” SIMKOM, vol. 7, no. 1, pp. 23–27, Jan. 2022, doi: 10.51717/simkom.v7i1.63.
F. Fachri, A. Fadlil, I. Riadi, A. Dahlan, Y. Jln Soepomo, and I. Artikel, “Analisis Keamanan Webserver Menggunakan Penetration Test,” JURNAL INFORMATIKA, vol. 8, no. 2, 2021, [Online]. Available: http://ejournal.bsi.ac.id/ejurnal/index.php/ji
M. E. Khan and F. Khan, “A Comparative Study of White Box, Black Box and Grey Box Testing Techniques,” 2012. [Online]. Available: www.ijacsa.thesai.org
A. Zakiah, A. Ekawijana, and E. A. Laksana, “IMPLEMENTASI METODE ACTION RESEARCH UNTUK PENINGKATAN DAYA SAING UMKM MELALUI E-COMMERCE IMPLEMENTATION OF ACTION RESEARCH FOR IMPROVING THE COMPETITIVENESS OF SMES WITH E-COMMERCE.”
I. M. E. Listartha, “ANALISIS KERENTANAN WEBSITE SMA NEGERI 2 AMLAPURA MENGGUNAKAN METODE OWASP (OPEN WEB APPLICATION SECURITY PROJECT),” Prosiding Seminar Nasional Teknologi dan Informatika, 2017.
T. Casey, P. Koeberl, and C. Vishik, “Threat agents: A necessary component of threat analysis,” in ACM International Conference Proceeding Series, 2010. doi: 10.1145/1852666.1852728.
B. Ghozali, “Mendeteksi Kerentanan Keamanan Aplikasi Website Menggunakan Metode Owasp (Open Web Application Security Project) untuk Penilaian Risk Rating Detect Web Application Security Flaws Using the Owasp (Open Web Application Security Project) Method for Risk Assessment,” Dikirim: 09 Februari, 2018.
Downloads
Submitted
Accepted
Published
Issue
Section
License
Copyright (c) 2023 Info Kripto

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.