The Effect of Programmer Information Security Awareness on the Results of Vulnerability Assessments in Achieving Secure Applications

Hermawan Effendi, Surya Sumpeno, Achmad Affandi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The existence of application innovation is important for the operations of an organization. Information security is currently a challenge in building secure applications because hacking often occurs in critical or transactional information applications, such as the financial sector. In addition to applying good programming techniques, application programmers must have information security awareness to produce secure applications. Application security vulnerabilities are caused by programmers' lack of information security awareness. In this study, the measurement of programmer information awareness is juxtaposed with testing application security vulnerabilities. Measuring the level of information security awareness using knowledge, attitude, and behavior modeling with Manage Security Services indicators on COBIT 5 as the focus area and testing application security vulnerabilities using OWASP-ZAP according to OWASP TOP 10 best practices. Data processing using Structural Equation Modeling-Partial Least Square can provide information about the effect of programmer information security awareness on application security vulnerabilities. The information becomes input in improving the competence of programmers in the field of information security. As a result of the research, some findings and discussions are given at the end of this article to achieve secure application programming through increasing awareness of information security.

Original languageEnglish
Title of host publicationProceedings - 2022 2nd International Conference on Information Technology and Education, ICIT and E 2022
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages280-286
Number of pages7
ISBN (Electronic)9781665494335
DOIs
Publication statusPublished - 2022
Event2nd International Conference on Information Technology and Education, ICIT and E 2022 - Malang, Indonesia
Duration: 22 Jan 2022 → …

Publication series

NameProceedings - 2022 2nd International Conference on Information Technology and Education, ICIT and E 2022

Conference

Conference2nd International Conference on Information Technology and Education, ICIT and E 2022
Country/TerritoryIndonesia
CityMalang
Period22/01/22 → …

Keywords

  • information security awareness
  • manage security services
  • vulnerability assessment

Fingerprint

Dive into the research topics of 'The Effect of Programmer Information Security Awareness on the Results of Vulnerability Assessments in Achieving Secure Applications'. Together they form a unique fingerprint.

Cite this