Implementation of a Security Strengthening System to Mitigate Vulnerabilities in Academic Web Applications
Main Article Content
Abstract
This research work proposes the implementation of a system to strengthen the security of academic web applications based on a study carried out at a public university in Ecuador. Within a comparative analysis, OWASP is selected as the base methodology for the development of tests, OWASP ZAP as the penetration test tool, and within the vulnerability scanning, the ten (10) categories of the OWASP 2021 methodology are taken into account. We will focus on two (2) test scenarios; the first one, in which we will examine vulnerabilities in web applications in production and, the second one, which we will apply the methodology we have established in a controlled environment; according to data obtained from the test scenarios, it was contrasted that the application of this security strengthening system reduces vulnerabilities in academic web applications by 98.83%, and with the statistical test of chi square with a confidence level of 95% it is demonstrated that this methodology does reduce the number of vulnerabilities, resulting in the use of more secure academic web applications.Keywords- Web application, security, vulnerability.