Article Per Year (5 Year)
p-Index From 2020 - 2025
0.23
P-Index
This Author published in this journals
All Journal Jurnal Indonesia : Manajemen Informatika dan Komunikasi
Saputra, Dio Wahyu
Unknown Affiliation
Computer Science & IT Languange, Linguistic, Communication & Media Library & Information Science

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
Analisis dan Rekomendasi Keamanan Website Kampus X Menggunakan ISSAF Saputra, Dio Wahyu; Pradini, Risqy Siwi; Anshori, Mochammad
Jurnal Indonesia : Manajemen Informatika dan Komunikasi Vol. 6 No. 1 (2025): Januari
Publisher : Lembaga Penelitian dan Pengabdian Kepada Masyarakat (LPPM) STMIK Indonesia Banda Aceh

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.35870/jimik.v6i1.1306

Abstract

The security of educational institution websites is critical in the digital era, especially with the increasing reliance on web-based services. This study evaluates the security of the Campus X website in Malang City using ISSAF (Information Systems Security Assessment Framework). The research stages include information gathering, network mapping, vulnerability identification, and penetration testing. At the vulnerability identification stage, tools such as OWASP ZAP and Acunetix detect security holes in web applications. The results show that the server has implemented the TLS protocol with basic security configuration. Still, several vulnerabilities exist, such as unnecessary open ports and deficiencies in the security header settings. Scanning using OWASP ZAP identified 24 security alerts, 12.5% of which were categorized as high risk, including SQL Injection and a lack of Content Security Policy (CSP). Additionally, DDoS attack simulations demonstrated server resilience, but testing showed the need for security improvements in other aspects. Key recommendations include implementing DNSSEC, closing unused ports, adding CSP headers, and improving protection against web application-based attacks. This research emphasizes the importance of a holistic and ongoing approach to website security management, including regular audits and real-time monitoring. With this strategy, institutions hope to strengthen their security posture, protect digital assets, and minimize the risk of ever-growing cyber attacks.
Co-Authors Mochamad Anshori Risqy Siwi Pradini