Web security analysis is a very important thing to do, especially for organizations or agencies that depend on web technology in carrying out their business activities and managing data and information. The popularity of web-based applications makes the web itself vulnerable to security threats, such as cyberattacks, which can have an impact on data integrity and confidentiality. One of the web security assessment analyses can be done by penetration testing. Web security assessment testing needs to be done to identify vulnerabilities then if the vulnerability is determined it will be easier to develop an effective mitigation strategy. This research will conduct experiments with penetration testing methods by simulating web attacks with OWASP top 10. The results of the research will be recommendations given including the implementation of security configurations more optimally, CMS updates, strict access control settings, and increased security awareness for users who are directly connected to website-based applications. Configuration errors can also result in valuable information being extracted from the system. Conducting regular web security analysis, organizations or agencies using web-based applications can identify and overcome vulnerabilities before they are exploited by irresponsible parties. This enables organizations to maintain the security and integrity of web systems, as well as protect critical digital assets, especially valuable data.
Copyrights © 2024