The development of technology in the healthcare sector has encouraged the use of web-based platforms to comprehensively support hospital service operations. This requires the implementation of strict security standards to protect the privacy of patients’ medical data. This study evaluates the security level of the official website of UPT RSUD RAA Soewondo Pati through penetration testing based on the OWASP framework. The evaluation stages included web infrastructure identification using Wappalyzer and vulnerability scanning using OWASP ZAP. The testing identified several security vulnerabilities with varying levels of risk, including SQL Injection, Cross-Site Scripting (XSS) threats, and vulnerabilities related to session management and authentication systems. In general, the system’s security profile falls into the medium-risk category, indicating that further improvements are required to reduce cyber threats. The use of OWASP guidelines in this study proved effective both in identifying system weaknesses and in formulating mitigation strategies, such as optimizing server configuration, implementing secure coding practices, and improving authentication workflows.
Copyrights © 2026