Jurnal Informatika dan Rekayasa Perangkat Lunak (Sep 2023)
Analisis Keamanan Website Menggunakan Standar Keamanan Open Web Application Security Project (OWASP) Studi Kasus Website Penerimaan Mahasiswa Baru Universitas Wahid Hasyim Semarang
Abstract
Wahid Hasyim University has a website that contains information and documents that are published and can be accessed by users. One of the most crucial websites is the New Student Admissions (PMB) website. The rise of population data leaks in Indonesia has opened our eyes that behind the advancement of digital technology there is a fairly high level of threat. Based on the existing problems, an analysis of the level of website security is needed by using the Open Web Application Security Project (OWASP) security standard, which can ease the burden on system managers and developers with the aim of preventing and overcoming the effects of risks found on the New Student Admissions website at Wahid Hasyim University Semarang. Testing the security system used by researchers in this study is using the Open Web Application Security Project's security standard (OWASP), which is the top 10 of the security standards released by the organization (OWASP) which contains the 10 highest lists of security holes that threaten the security of a website, and using (OWASP-ZAP) Zed Attack Proxy is an application used in penetration testing to find security vulnerabilities/holes in a website application. The test method with (OWASP) can provide assistance in choosing the actions that need to be taken to minimize data leakage vulnerabilities. Based on the results of the analysis using (OWASP-ZAP) several loopholes and vulnerabilities were found on the website. Based on the results of the penetration test, the quality of website security for New Student Admissions is at a moderate level, so further corrective action is needed from the website developer to improve website security.
Keywords