Wenny, Rizca (2024) Komparasi Analisis Kerentanan Dengan Tenable Nessus Scanner & Owasp Zed Attack Proxy Untuk Peningkatan Keamanan Situs Web Sistem Informasi Kepegawaian Universitas Merdeka Malang. Undergraduate thesis, Fakultas Teknologi Informasi Universitas Merdeka Malang.

Preview	Text HALAMAN AWAL.pdf Download (2MB) | Preview
Preview	Text BAB I.pdf Download (186kB) | Preview
	Text BAB II.pdf Restricted to Repository staff only Download (484kB)
	Text BAB III.pdf Restricted to Repository staff only Download (287kB)
	Text BAB IV.pdf Restricted to Repository staff only Download (570kB)
	Text BAB V.pdf Restricted to Repository staff only Download (148kB)
Preview	Text DAFTAR PUSTAKA.pdf Download (187kB) | Preview
Preview	Text HASIL CEK PLAGIASI.pdf Download (327kB) | Preview

Abstract

This study aims to compare the vulnerability analysis between Tenable Nessus Scanner and OWASP Zed Attack Proxy (ZAP) for improving the security of the Human Resource Information System (HRIS) website at Universitas Merdeka Malang. The research methodology includes the use of both Nessus and OWASP ZAP tools to scan the HRIS website for potential vulnerabilities. The findings of this research indicate that OWASP ZAP identified several critical web application vulnerabilities such as the absence of Anti-CSRF tokens, lack of Content Security Policy (CSP) headers, and missing Anti-Clickjacking headers, which are essential for maintaining the security and integrity of user data. On the other hand, Nessus Scanner focused more on network and server infrastructure vulnerabilities. The results suggest that OWASP ZAP is more effective for web application security in this context. Recommendations are provided to address the identified vulnerabilities and enhance the overall security of the HRIS website

Actions (login required)

View Item