Uji Vulnerability Assessment Dalam Mengetahui Tingkat Keamanan Web Aplikasi Sistem Informasi Laporan Diskominfo Dan Sandi Aceh

Abstract

Along with the increasing need for information systems in the Districts/Cities of Aceh Province in supporting the development process of a region, the penetration test and evaluation of the system has been delayed. This is due to the limited number of experts in the province as well as the level of dependence on human resources in Districts/Cities who have limited capacity in terms of testing information systems. Therefore, with the presence of the latest web application information system at Diskominfo and Sandi Aceh, it requires system testing to determine the feasibility level of publication of the information system. The testing technique in this study used the VAPT Life Cycle method. Where the VAPT Life Cycle will identify, describe, assess vulnerabilities based on the CVSS (Common Vulnerability Scoring System) and provide solutions for handling vulnerabilities. The vulnerability discovery process in this study uses the Nessus Vulnerability Scanning tool. From the findings there are 4 vulnerabilities, 1 in the high category and 3 in the medium category. This vulnerability data can be used as evaluation material to close or fix existing security holes.