Security Qualitative Metrics for Open Web Application Security Project Compliance

Sönmez, Ferda Özdemir

doi:10.1016/j.procs.2019.04.140

Cited by 13 publications

(4 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…El autor [21] hace énfasis en las métricas cualitativas de seguridad que son empleadas para el cumplimiento de factor de seguridad indispensable para el desarrollo de aplicaciones de tipo Open Source (código libre). Además de concluir con una relación de elementos asociados con el desarrollo web que podría facilitar la ejecución de la metodología OWASP.…”

Section: Marcos De Trabajo Usados Para Mejorar La Seguridad De Aplica...unclassified

Desarrollo de una aplicación web utilizando Nextjs y metodologías agiles para mejorar los procesos administrativos internos y el manejo de finanzas de restaurantes del distrito de Villa el Salvador

Sotomayor

Alonso²

2023

REVISTA UNTELS

View full text Add to dashboard Cite

El presente artículo tiene como finalidad hacer una demostración del valor que puede aportar el uso de tecnologías móviles a restaurantes y como el emplear herramientas de software para este tipo de negocios puede generar un incremento en el valor comercial percibido tanto por los clientes, como para los empleados y los dueños de dichos negocios. Fue una investigación de tipo descriptiva, cual se encargó de hacer una revisión de la bibliografía y/o documentación generada por investigadores relacionada con la aplicación o estudio de los efectos resultantes al implementar tecnologías móviles en restaurantes, generando una base teórica de conocimiento de utilidad significativa para futuras investigaciones y/o aplicaciones. Los resultados de esta revisión sistemática de la bibliografía permitieron demostrar de qué manera la utilización de tecnologías móviles aplicada a problemáticas encontradas en restaurantes y su paulatina digitalización, lograron mejorar significativamente el valor comercial de estos. Mostrando impactos positivos en la experiencia de los comensales que acuden a los restaurantes, a su vez, facilitar y acelerar los procesos del personal administrativo e interino de los distintos negocios en donde se hicieron implementaciones de aplicaciones móviles y por último una mejora en el uso de los recursos de estos negocios.

show abstract

Section: Marcos De Trabajo Usados Para Mejorar La Seguridad De Aplica...unclassified

Desarrollo de una aplicación web utilizando Nextjs y metodologías agiles para mejorar los procesos administrativos internos y el manejo de finanzas de restaurantes del distrito de Villa el Salvador

Sotomayor

Alonso²

2023

REVISTA UNTELS

View full text Add to dashboard Cite

show abstract

“…However, since other educational sources have already spent enough time fully describing OWASP and other standards, our goal in sharing this analysis is not to do the same. Our objective is to increase public knowledge of who in Russia adheres to these standards and to persuade online platforms to implement security measures [5,6].In this study, we evaluated the general security standards of the 414 most popular Russian websites.…”

Section: Introductionmentioning

confidence: 99%

Cyber Security Standards in Popular Russian Websites through HTTP Observatory measurements

Xue

Aghbolagh

Noeiaghdam

2023

Preprint

View full text Add to dashboard Cite

Online user security is strongly reliant on a number of factors. One of the most important steps in enhancing data and communication security on well-known websites and a variety of internet services is adhering to security standards and using reliable and cutting-edge technology. These standards and technologies were developed and tested recently. Our investigation at the CERTFA Lab on 50 well-known websites shows that their security is comparable to that of the rest of the world, and very few websites are completely utilizing new security standards and technology. In fact, Russia has strong and comprehensive cyber capabilities. Websites run by the Russian government are subject to unprecedented cyberattacks, and technical measures have been taken to block international online traffic. Although domestic websites have operated successfully within the nation, some security measures need to be taken more seriously. According to our investigation, 47 of the websites we looked into have been configured with CSP2, with Yandex.ru, Ozon.ru, and wileberries.ru's implementations having more specifics and being more secure than those of the other websites, which used the upgrade-insecure-requests option as the default setting for CSP. Additionally, the results of the analysis of contemporary standards used in this study (DNSSEC, CAA, DMARC, SPF, and Expect-CT), which are mandated for the majority of Internet businesses, show that well-known Russian websites have correctly implemented these standard configurations.

show abstract

“…Specifically, we strive to create a comprehensive and analyzable metamodel that is built upon the Open Web Application Security Project's (OWASP) Application Security Verification Standard (ASVS) [15] to guarantee the optimum security of web applications. OWASP ASVS is widely used for web application security assessment the security requirements elicitation, as it provides a comprehensive overview of all security-related topics [8,22]. While the ASVS offers advantages for security assessments, there exists a gap in research concerning the generation of meaningful data for analysis.…”

Section: Introductionmentioning

confidence: 99%

A Metamodel for Web Application Security Evaluation

Wen,

Katt

2023

2023 34th Conference of Open Innovations Association (FRUCT)

View full text Add to dashboard Cite

In the digital era, web applications have become a prevalent tool for businesses. As the number of web applications continues to grow, they become enticing targets for malicious actors seeking to exploit potential security vulnerabilities. Organizations face constant risks associated with vulnerabilities in their web-based software systems, which can result in data breaches, service disruptions, and a loss of trust. Consequently, organizations require an effective and efficient approach to assess and analyze the security of acquired web-based software, ensuring sufficient confidence in its utilization. This research aims to enhance the quantitative evaluation and analysis of web application security through a model-based approach. We focus on integrating the Open Web Application Security Project's (OWASP) Application Security Verification Standard (ASVS) into a structured and analyzable metamodel. This model aims to effectively assess the security levels of web applications while offering valuable insights into their strengths and weaknesses. By combining the ASVS with a comprehensive framework, we aim to provide a robust methodology for evaluating and analyzing web application security.

show abstract

Security Qualitative Metrics for Open Web Application Security Project Compliance

Cited by 13 publications

References 4 publications

Desarrollo de una aplicación web utilizando Nextjs y metodologías agiles para mejorar los procesos administrativos internos y el manejo de finanzas de restaurantes del distrito de Villa el Salvador

Desarrollo de una aplicación web utilizando Nextjs y metodologías agiles para mejorar los procesos administrativos internos y el manejo de finanzas de restaurantes del distrito de Villa el Salvador

Cyber Security Standards in Popular Russian Websites through HTTP Observatory measurements

A Metamodel for Web Application Security Evaluation

Contact Info

Product

Resources

About