A case study on web application vulnerability scanning tools

Nor Izyani Daud, Khairul Azmi Abu Bakar, Mohd Shafeq Md Hasan

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Citations (Scopus)

Abstract

This paper shares the tools that we used to perform vulnerability analysis within the organization. The background of the tools that we selected is elaborated in detail. As an experiment for the case study, we performed vulnerability scanning that covered three different areas: vulnerability scanning using different types of tools, vulnerability scanning using Nessus with different types of policy configuration, and vulnerability scanning using Nessus at different times of executing the scan. A detailed description of the testing data, for example the project that we selected and the criteria for the scanning policy that we used, is given. Results and findings from the vulnerability scanning are discussed in detail.

Original language: English
Title of host publication: Proceedings of 2014 Science and Information Conference, SAI 2014
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 595-600
Number of pages: 6
ISBN (Electronic): 9780989319317
DOI: https://doi.org/10.1109/SAI.2014.6918247
Publication status: Published - 1 Jan 2014
Externally published: Yes
Event: 2014 Science and Information Conference, SAI 2014 - London
Duration: 27 Aug 2014 to 29 Aug 2014

Other

Other: 2014 Science and Information Conference, SAI 2014
City: London
Period: 27/8/14 to 29/8/14

Fingerprint

Scanning
Testing
Experiments

Keywords

  • scanning tool
  • security scanning
  • security scanning tool
  • vulnerability analysis
  • web application vulnerability scanning

ASJC Scopus subject areas

  • Information Systems

Cite this

Daud, N. I., Abu Bakar, K. A., & Hasan, M. S. M. (2014). A case study on web application vulnerability scanning tools. In Proceedings of 2014 Science and Information Conference, SAI 2014 (pp. 595-600). [6918247] Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/SAI.2014.6918247
