Analisis Keamanan Sistem Informasi Website Pemerintah Menggunakan Metode OWASP WSTG (Study Kasus: Deface Situs Kemendagri)
DOI:
https://doi.org/10.71282/jurmie.v2i11.1263Keywords:
Information System Security, Website Defacement, OWASP WSTG, Web Application Vulnerabilities, Government Cybersecurity, Server Configuration, Web Security Testing.Abstract
A defacement attack on the official website of the Ministry of Home Affairs (Kemendagri) demonstrates that government web applications still contain serious security gaps that can be exploited by malicious actors, indicating insufficient implementation of best-practice security standards. This study aims to analyze the security level of the Kemendagri website using the OWASP Web Security Testing Guide (WSTG) methodology. The research applies the OWASP WSTG testing framework to identify vulnerabilities related to authentication, authorization, input validation, server configuration, and system update management. The analysis compares field findings with WSTG testing categories to determine the most significant risk points. Supporting data were obtained from the reported defacement incident, which helps strengthen the threat context and illustrate the exploitation patterns involved. The results indicate that weaknesses in administrative access and suboptimal server configuration were the primary factors enabling the defacement attack. The application of OWASP WSTG proved effective in identifying critical vulnerabilities that could be exploited in government web applications. This study provides important contributions to government institutions by offering practical guidance for improving web application security through standardized testing, ongoing system maintenance, and the implementation of stronger security controls.
Downloads
References
Asri. (2025). Implementasi Cyber Security dalam Sistem Transaksi Keuangan Digital. Jurnal Teknologi dan Keamanan Siber, 2(4), 276–289.
https://ejournal.unib.ac.id/index.php/siber/article/view/26892
DetikNews. (2023). Situs Kemendagri Diretas dan Di-deface.
https://news.detik.com/berita/d-6926498/situs-kemendagri-diretas-dan-di-deface
Nasution, A. A. (2024). Analisis Keamanan Informasi dalam Sistem Informasi Manajemen: Tantangan dan Solusi di Era Cybersecurity. Jurnal Sistem Informasi, 2(2), 168–170.
https://ejournal.stmikroyal.ac.id/index.php/jutsi/article/view/2124
OWASP Foundation. (2021). OWASP Web Security Testing Guide v4.2.
https://owasp.org/www-project-web-security-testing-guide/
Sumaryanto, P. S. (2025). Analisis Implementasi Cyber Security pada Sistem Informasi Inventory di Perusahaan Dagang. Jurnal Sistem Informasi, 5(2), 185–194.
https://ejournal.unisla.ac.id/index.php/jsi/article/view/3593
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Oktaviana putri Agung, Fairuza Mayla Faizal, Irenia Mascharenhas (Author)
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
