A case study on web application security testing with tools and manual testing

2013 ◽  
Author(s):  
LaShanda Dukes ◽  
Xiaohong Yuan ◽  
Francis Akowuah
Keyword(s):  
Web Application ◽  
Security Testing ◽  
Web Application Security ◽  
Application Security ◽  
Manual Testing

An Alternative Threat Model-based Approach for Security Testing

2015 ◽  
Vol 6 (3) ◽  
pp. 50-64 ◽  
Author(s):  
Bouchaib Falah ◽  
Mohammed Akour ◽  
Samia Oukemeni
Keyword(s):  
Web Application ◽  
Web Applications ◽  
Security Attacks ◽  
Security Testing ◽  
Security Risks ◽  
Web Application Security ◽  
Application Security ◽  
Malicious Codes ◽  
Testing Approach ◽  
Interaction Web

In modern interaction, web applications has gained more and more popularity, which leads to a significate growth of exposure to malicious users and vulnerability attacks. This causes organizations and companies to lose valuable information and suffer from bad reputation. One of the effective mitigation practices is to perform security testing against the application before release it to the market. This solution won't protect web application 100% but it will test the application against malicious codes and reduce the high number of potential attacks on web application. One of known security testing approach is threat modeling, which provides an efficient technique to identify threats that can compromise system security. The authors proposed method, in this paper, focuses on improving the effectiveness of the categorization of threats by using Open 10 Web Application Security Project's (OWASP) that are the most critical web application security risks in generating threat trees in order to cover widely known security attacks.

An Alternative Threat Model-Based Approach for Security Testing

2018 ◽  
pp. 441-454
Author(s):  
Bouchaib Falah ◽  
Mohammed Akour ◽  
Samia Oukemeni
Keyword(s):  
Web Application ◽  
Web Applications ◽  
Security Testing ◽  
Security Risks ◽  
Web Application Security ◽  
Threat Model ◽  
Application Security ◽  
Malicious Codes ◽  
Testing Approach ◽  
Interaction Web

In modern interaction, web applications has gained more and more popularity, which leads to a significate growth of exposure to malicious users and vulnerability attacks. This causes organizations and companies to lose valuable information and suffer from bad reputation. One of the effective mitigation practices is to perform security testing against the application before release it to the market. This solution won't protect web application 100% but it will test the application against malicious codes and reduce the high number of potential attacks on web application. One of known security testing approach is threat modeling, which provides an efficient technique to identify threats that can compromise system security. The authors proposed method, in this paper, focuses on improving the effectiveness of the categorization of threats by using Open 10 Web Application Security Project's (OWASP) that are the most critical web application security risks in generating threat trees in order to cover widely known security attacks.

scholarly journals Security Scanner For Web Applications Case Study: Learning Management System

2020 ◽  
Vol 4 (2) ◽  
pp. 63
Author(s):  
Rian Andrian ◽  
Ahmad Fauzi
Keyword(s):  
Web Application ◽  
Web Applications ◽  
The Internet ◽  
Web Browser ◽  
Web Application Security ◽  
Application Security ◽  
Safe Programming ◽  
Application Developers ◽  
Programming Practices

In software engineering, web applications are software that are accessed using a web browser through a network such as the Internet or intranet. Web applications are applications that can be relied on by users to do many useful activities. Despite the awareness of web application developers about safe programming practices, there are still many aspect in web applications that can be exploited by attacker. The development of web applications and the Internet causes the movement of information systems to use them as a basis. Security is needed to protect the contents of web applications that are sensitive and provide a safe process of sending data, therefore application security must be applied to all infrastructure that supports web applications, including the web application itself. Most organizations today have some kind of web application security program or try to build/ improve. But most of these programs do not get the results expected for the organization, are not durable or are not able to provide value continuously and efficiently and also cannot improve the mindset of developers to build/ design secure web applications. This research aims to develop a web application security scanner that can help overcome security problems in web applications.

scholarly journals Using open source software for web application security testing

2017 ◽  
Vol 12 (2) ◽  
Author(s):  
Ksenija Živković ◽  
Ivan Milenković ◽  
Dejan Simić
Keyword(s):  
Open Source Software ◽  
Web Application ◽  
Web Applications ◽  
Functional Testing ◽  
Functional Requirements ◽  
Security Testing ◽  
Web Application Security ◽  
High Expectations ◽  
Application Security ◽  
Web Application Testing

Web applications are a standard part of our everyday lives. Their purpose can vary significantly, from e-banking to social networks. However, one thing is similar - users have generally high expectations from different web applications. To assure such high expectations, proper web application testing is necessary. Non-functional testing is an important part of web application testing. As technology advances and requirements become more complex, the importance of non-functional application aspects becomes even greater. It is necessary to identify non-functional requirements of web applications which are important to users, implement those requirements and test them.

Sign in / Sign up

Export Citation Format

Share Document