Web-based applications are becoming a common choice for companies to deliver their services to their customers. To do so, they store data relating to their customers, which makes them a target for cybercriminals. These criminals exploit a variety of errors, and the vulnerabilities those errors cause, to take control of the system, steal data or make the system unavailable. The costs generated by such attacks are rising annually, so the security of web applications should be a high priority. The selection of an appropriate technology stack should therefore be carried out with security in mind.
This thesis proposes an evaluation of web application frameworks, libraries, and automated tools that are commonly used today. The evaluation highlights the different levels of security that can be achieved by selecting common solutions that combine web framework-native functionality with third-party libraries. Finally, automated tools such as Static Application Security Testing tools will be evaluated based on the level of support they give in making the previously defined solutions more secure. The results of these evaluations will give an overview of how well these solutions and tools cover vulnerabilities.
Name | Type | Size | Last Modification | Last Editor |
---|---|---|---|---|
FinalPresentation_MasterThesis_MoritzHüther.pdf | | 876 KB | 08.06.2021 | |
Kickoff_MasterThesis_MoritzHuether.pdf | | 727 KB | 19.04.2021 | |
MastersThesis_MoritzHüther.pdf | | 1,03 MB | 11.06.2021 | |