Litcius/Paper detail

Development of Vulnerable Web Application Based on OWASP API Security Risks

Muhammad Zaffwan Idris, Iwan Syarif, Idris Winarno

202125 citationsDOI

Abstract

APIs are critical for digital transformation as well as the establishment and development of new business models. They are the foundation of application economics which allows for quicker, better, and less expensive development. In security perspective, OWASP released its first API security report in 2019 which finally differentiate the security risk categories between API and web application. In recent years, there have been many incidents of cyber attacks related to API, while the implementation of the API itself is growing in popularity among organizations. Therefore, the need to understand APIs from a security perspective should be taken seriously and considered as an integral part of the software development life cycle. In this research, we proposed an API security learning environment called Vulnerable Academic Information System (VAIS) based on the OWASP API Security Risks with containerization deployment plan and gamification technique to provide a fun yet challenging environment for people in understanding the API security in a legal environment.

Topics & Concepts

Computer scienceWeb application securityComputer securityPopularityThreat modelApplication securitySecure codingSecurity testingSoftware security assuranceSecurity through obscurityWorld Wide WebSecurity information and event managementInformation securityRisk analysis (engineering)Software engineeringWeb developmentSecurity serviceCloud computing securityWeb serviceBusinessPsychologySocial psychologyOperating systemCloud computingAdvanced Malware Detection TechniquesSoftware Engineering ResearchSoftware System Performance and Reliability
Development of Vulnerable Web Application Based on OWASP API Security Risks | Litcius