Journal of Practical Computer Science (JPCS)
Vol. 4 No. 2 (2024): November 2024

Identifying Website Vulnerabilities to Improve Security Using the Open Source Security Testing Methodology Manual

Rusdan, Muchamad (Unknown)
Hendayun, Mokhamad (Unknown)



Article Info

Publish Date
29 May 2025

Abstract

This study aims to identify and analyze security vulnerabilities on the online learning website of Utama University using the Open Source Security Testing Methodology Manual (OSSTMM). This method offers a structured framework for security testing with a systematic and evidence-based approach. The research findings indicate several vulnerabilities in authentication mechanisms, input validation, SSL/TLS configuration, and API security. The identified vulnerabilities include weaknesses in authentication mechanisms against brute force attacks, input validation susceptible to injection attacks, SSL/TLS configuration not meeting security standards, and inadequate API security. The mitigation recommendations include implementing CAPTCHA, limiting login attempts, using prepared statements, enhancing SSL/TLS configuration, and implementing security headers such as X-Frame-Options, Content-Security-Policy, and X-Content-Type-Options. By applying these recommendations, the overall security level of the website is expected to improve, ensuring the confidentiality, integrity, and availability of user data, and increasing trust in the university's digital services.

Copyrights © 2024






Journal Info

Abbrev

jpcs

Publisher

Subject

Computer Science & IT Engineering

Description

Journal of Practical Computer Science (JPCS) serves as a medium for scholarly study of research results, ideas, reviews, and implementations related to the field of Practical Computer Science. The focus and scope of Journal of Practical Computer Science (JPCS) include: - Software Engineering - Intelligence ...