ANALYSIS OF THE PROBLEMS OF USING EXISTING WEB VULNERABILITY STANDARDS-Reference-Cited by-同舟云学术

ANALYSIS OF THE PROBLEMS OF USING EXISTING WEB VULNERABILITY STANDARDS

Published:2023 Issue:22 Volume:2 Page:96-112
ISSN:2663-4023
Container-title:Cybersecurity: Education, Science, Technique
language:
Short-container-title:Cybersecurity

Author:

Petriv Petro^ORCID,Opirskyy Ivan^ORCID

Abstract

In today's digital environment, the security of web resources is of primary importance due to the constant increase in the number of web vulnerabilities. This creates potential risks for users and businesses. In this context, standards and methodologies for detecting web vulnerabilities serve as a key tool in their identification and elimination. The two leading standards in this area, OWASP Top 10 and CWE (Common Weakness Enumeration), provide detailed recommendations and overviews of common vulnerabilities. However, they differ in their approaches to vulnerability classification and assessment. This article focuses on an in-depth analysis and comparison of these standards, identifying their advantages and limitations. The main goal is to develop recommendations to optimize the use of these standards, adapted to the specific needs of organizations, to ensure a higher level of security of web resources.

Publisher

Borys Grinchenko Kyiv University

Reference15 articles.

1. Modeling of security systems for critical infrastructure facilities;Yevseiev;PC Technology Center,2022

2. Kurii, Y., & Opirskyy, I. (2021). Analysis and Comparison of the NIST SP 800-53 and ISO/IEC 27001:2013. In Cybersecurity Providing in Information and Telecommunication Systems, 3288, 21-32.

3. 2023 CWE Top 25 Most Dangerous Software Weaknesses. (2023). Cybersecurity & Infrastructure Security Agency. https://www.cisa.gov/news-events/alerts/2023/06/29/2023-cwe-top-25-most-dangerous-software -weaknesses

4. Nadeau, J. (2023). The top 10 API security risks OWASP list for 2023. Security Intelligence. https://securityintelligence.com/articles/the-top-10-api-security-risks-owasp-list-for-2023

5. Common Weakness Enumeration (CWE) Top 25. (2023). Common Weakness Enumeration https://cwe.mitre.org/top25/archive/2023/2023_top25_list.html