Evaluasi Risiko Celah Keamanan Aplikasi E-Office menggunakan Metode OWASP

Abstract

Based on data from Badan Siber dan Sandi Negara (BSSN) in 2022, it was reported that a total of 1,950 security vulnerabilities were found in 457 electronic systems across various applications widely used by the public. The purpose of this research is to evaluate the risk of existing security vulnerabilities in the E-Office application and determine the level and impact that these vulnerabilities can cause. This research focuses on information system security, specifically evaluating the risk of security vulnerabilities in the E-Office application of the Ogan Ilir Regency. The research was conducted using the Open Web Application Security Project (OWASP) method with a risk rating assessment. The research process began with a literature review to gather data and information sources, determine the scope and research objectives, test, identify security vulnerabilities, analyze security vulnerabilities, and the results of the analysis. The research subject is the E-Office application of Ogan Ilir Regency, with the object of the research being the security vulnerabilities in that application. OWASPZap was used as a tool to obtain data on security vulnerabilities, and using OWASPZap, 38 security vulnerabilities were found, with 18 of them meeting the criteria of the OWASP Top 10. Our findings indicate that the security vulnerabilities in the E-Office application of Ogan Ilir Regency include vulnerabilities in authentication levels, access control, configuration, and data validation processes.