Analysis of Web Security Using Open Web Application Security Project 10

Abstract

Open Web Application Security Project 10 is a web application security testing framework method that focuses on web application security to find weaknesses in a website. The Open Web Application Security Project 10 aims to ensure the safety of websites in form checklists. Open Web Application Security Project 10 has the ten most dangerous types of website vulnerabilities such as injection, broken authentication, sensitive data exposure, Extensible Markup Language external entities, corrupted access control, security misconfiguration, cross-site scripting, unreliable deserialization, segment exploitation with known weaknesses, and lack of logging and checking. This paper analyzes and tests the security of the web along with six sub-domains with the aim of knowing and assessing the security level of a website, whether additional security is needed, and recommendations on the website. The results of this paper indicate that the web has a security level 80%, web informatics engineering subdomain 60%, information systems 60%, informatics management 60%, integrated academic system 80%, student acceptance 80% and e-learning 80%.