Litcius/Paper detail

Security Vulnerability Analysis of the Sharia Crowdfunding Website Using OWASP-ZAP

Nurbojatmiko Nurbojatmiko, Ari Lathifah, Faaza Bil Amri, Ani Rosidah

20222022 10th International Conference on Cyber and IT Service Management (CITSM)15 citationsDOI

Abstract

Indonesia is a country with fairly high market development in Financial Technology (FinTech) Services in the Asia Pacific region. The innovative benefit of FinTech is sharia crowdfunding. Data and information security are important for a company or organization. The problem faced by the use of websites in various fields, especially on the sharia crowdfunding website, is the security of information concerning data from an organization. This study aims to analyze the security vulnerabilities of the sharia crowdfunding website with the Open Web Application Security Project (OWASP) approach using the Zed Attack Proxy (ZAP) tool. OWASP is an open-source framework for improving the security of application software on websites. The results of this study determine the level of vulnerability in the Sharia Crowdfunding Website. This test is carried out to find vulnerabilities and risks on a crowdfunding website and provide recommendations for improving security on the website. The top 10 Security Vulnerabilities based on OWASP consist of 4 high levels, 5 medium levels, 14 low levels, and 9 information levels including Broken Access Control, Injection, Insecure Design, Security Misconfiguration, Vulnerable and Outdated Components, and Software and Data Integrity Failures.

Topics & Concepts

Computer securityBusinessVulnerability (computing)Information securityVulnerability managementInternet privacyVulnerability assessmentComputer sciencePsychotherapistPsychological resiliencePsychologyBlockchain Technology in Education and LearningInformation Retrieval and Data MiningPrivacy, Security, and Data Protection
Security Vulnerability Analysis of the Sharia Crowdfunding Website Using OWASP-ZAP | Litcius