Analisis Celah Keamanan Website Pemerintahan Kota Medan Berdasarkan Metode Open Web Application Security Project (OWASP)

Abstract

The rapid development of the internet and information has transformed various sectors, including government, which now heavily relies on websites to provide public services and information. However, vulnerabilities in website configuration and maintenance can open serious security gaps. Data from the National Cyber and Crypto Agency (BSSN) indicates there were 370.02 million cyber incidents in Indonesia throughout 2022–2023, with the government sector as the primary target. This research aims to analyze and enhance the security of the Medan City Government's websites using the Open Web Application Security Project (OWASP) approach. This analysis will focus on testing three predefined Medan City government URLs, including the official Medan City Government website, the Medan City General Election Commission (KPU), and the Medan City Central Statistics Agency (BPS) websites. The author developed a web dashboard system integrated with the OWASP ZAP API to perform automated and systematic vulnerability scans. This system is capable of visually displaying scan results, providing a mechanism to communicate findings, and presenting reports in PDF format. It is expected that this web dashboard system can significantly improve the effectiveness of digital security evaluations on the Medan City Government's websites, thereby strengthening defenses against cyberattacks and protecting public data.