OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä

OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä

This bachelor's thesis delves into the ten most common risks in web application development, based on the OWASP (Open Web Application Security Project) Top 10 list available on their website. The thesis aims to address the question of whether the OWASP Top 10 list is sufficient when discu...

Full description

Bibliographic Details
Main Author: Jormakka, Tomi
Other Authors: Informaatioteknologian tiedekunta, Faculty of Information Technology, Informaatioteknologia, Information Technology, Jyväskylän yliopisto, University of Jyväskylä
Format: Bachelor's thesis
Language:fin
Published: 2023
Subjects:
Tietojärjestelmätiede
Information Systems Science
601
kyberturvallisuus
kehittäminen
tietoturva
Online Access: https://jyx.jyu.fi/handle/123456789/90856
_version_ 1826225813201092608
author Jormakka, Tomi
author2 Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_facet Jormakka, Tomi Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä Jormakka, Tomi Informaatioteknologian tiedekunta Faculty of Information Technology Informaatioteknologia Information Technology Jyväskylän yliopisto University of Jyväskylä
author_sort Jormakka, Tomi
datasource_str_mv jyx
description This bachelor's thesis delves into the ten most common risks in web application development, based on the OWASP (Open Web Application Security Project) Top 10 list available on their website. The thesis aims to address the question of whether the OWASP Top 10 list is sufficient when discussing cybersecurity in web application development. OWASP is one of the most well-known international communities in the field of cybersecurity, with a mission to enhance safer web application development practices. The thesis employs a descriptive literature review methodology. The sources for the thesis have been gathered from the following databases: the Association for Computing Machinery and Google Scholar. The findings indicate that the OWASP Top 10 list serves as a solid foundation for cybersecurity in web application development. However, it is acknowledged that the Top 10 list does not cover all aspects of cybersecurity in web application development, as the field continues to evolve along with its technologies and trends. Therefore, adopting a model of continuous learning is recommended for those engaged in web application development. Tässä kandidaatintutkielmassa perehdytään kymmeneen yleisimpään verkkosovelluskehityksen riskiin pohjautuen OWASP verkkosivuilta löytyvään top 10 listaan. Tutkielma pyrkii vastaamaan kysymykseen, onko OWASP top 10 -lista riittävä puhuttaessa kyberturvallisesta verkkosovelluskehityksestä. OWASP (Open Worldwide Application Security Project) on kyberturvallisuuden alalla yksi tunnetuimpia kansainvälisiä yhteisöjä, jonka tarkoituksena on kehittää turvallisempaa verkkosovelluskehitystä. Tutkielma toteutetaan kuvailevana kirjallisuuskatsauksena. Tutkielman lähteet ovat kerätty seuraavista tietokannoista: Association for Computing Machinery ja Google Scholar. Tulokset osoittavat, että OWASP top 10 -lista on hyvä lähtökohta kyberturvalliselle verkkosovelluskehitykselle. Kuitenkaan top 10 -lista ei kata kaikkia näkökulmia kyberturvallisessa verkkosovelluskehityksessä. Lisäksi alan teknologia ja trendit kehittyvät, joten on suositeltavaa noudattaa jatkuvan oppimisen mallia verkkosovelluskehityksessä.
first_indexed 2023-10-27T20:01:01Z
format Kandityö
free_online_boolean 1
fullrecord [{"key": "dc.contributor.advisor", "value": "Saastamoinen, Anna", "language": null, "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Jormakka, Tomi", "language": null, "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2023-10-27T07:17:42Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2023-10-27T07:17:42Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2023", "language": null, "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/90856", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "This bachelor's thesis delves into the ten most common risks in web application \r\ndevelopment, based on the OWASP (Open Web Application Security Project) \r\nTop 10 list available on their website. The thesis aims to address the question of \r\nwhether the OWASP Top 10 list is sufficient when discussing cybersecurity in \r\nweb application development. OWASP is one of the most well-known international communities in the field of cybersecurity, with a mission to enhance safer \r\nweb application development practices. The thesis employs a descriptive literature review methodology. The sources for the thesis have been gathered from \r\nthe following databases: the Association for Computing Machinery and Google \r\nScholar. The findings indicate that the OWASP Top 10 list serves as a solid \r\nfoundation for cybersecurity in web application development. However, it is \r\nacknowledged that the Top 10 list does not cover all aspects of cybersecurity in\r\nweb application development, as the field continues to evolve along with its \r\ntechnologies and trends. Therefore, adopting a model of continuous learning is \r\nrecommended for those engaged in web application development.", "language": "eng", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "T\u00e4ss\u00e4 kandidaatintutkielmassa perehdyt\u00e4\u00e4n kymmeneen yleisimp\u00e4\u00e4n verkkosovelluskehityksen riskiin pohjautuen OWASP verkkosivuilta l\u00f6ytyv\u00e4\u00e4n top 10 \r\nlistaan. Tutkielma pyrkii vastaamaan kysymykseen, onko OWASP top 10 -lista \r\nriitt\u00e4v\u00e4 puhuttaessa kyberturvallisesta verkkosovelluskehityksest\u00e4. OWASP\r\n(Open Worldwide Application Security Project) on kyberturvallisuuden alalla\r\nyksi tunnetuimpia kansainv\u00e4lisi\u00e4 yhteis\u00f6j\u00e4, jonka tarkoituksena on kehitt\u00e4\u00e4\r\nturvallisempaa verkkosovelluskehityst\u00e4. Tutkielma toteutetaan kuvailevana \r\nkirjallisuuskatsauksena. Tutkielman l\u00e4hteet ovat ker\u00e4tty seuraavista tietokannoista: Association for Computing Machinery ja Google Scholar. Tulokset osoittavat, ett\u00e4 OWASP top 10 -lista on hyv\u00e4 l\u00e4ht\u00f6kohta kyberturvalliselle verkkosovelluskehitykselle. Kuitenkaan top 10 -lista ei kata kaikkia n\u00e4k\u00f6kulmia kyberturvallisessa verkkosovelluskehityksess\u00e4. Lis\u00e4ksi alan teknologia ja trendit kehittyv\u00e4t, joten on suositeltavaa noudattaa jatkuvan oppimisen mallia verkkosovelluskehityksess\u00e4.", "language": "fin", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Miia Hakanen (mihakane@jyu.fi) on 2023-10-27T07:17:42Z\r\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2023-10-27T07:17:42Z (GMT). No. of bitstreams: 0\r\n Previous issue date: 2023", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "28", "language": null, "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.title", "value": "OWASP Top 10 -listan riitt\u00e4vyys kyberturvallisessa verkkosovelluskehityksess\u00e4", "language": null, "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "bachelor thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202310276883", "language": null, "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Bachelor's thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Kandidaatinty\u00f6", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietoj\u00e4rjestelm\u00e4tiede", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Information Systems Science", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": null, "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_7a1f", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "bachelorThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": null, "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "kyberturvallisuus", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "kehitt\u00e4minen", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}]
id jyx.123456789_90856
language fin
last_indexed 2025-02-18T10:55:58Z
main_date 2023-01-01T00:00:00Z
main_date_str 2023
online_boolean 1
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/7803d7d7-5d67-4b05-8128-3e319c6a1e21\/download","text":"URN:NBN:fi:jyu-202310276883.pdf","source":"jyx","mediaType":"application\/pdf"}
publishDate 2023
record_format qdc
source_str_mv jyx
spellingShingle Jormakka, Tomi OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä Tietojärjestelmätiede Information Systems Science 601 kyberturvallisuus kehittäminen tietoturva
title OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä
title_full OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä
title_fullStr OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä
title_full_unstemmed OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä
title_short OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä
title_sort owasp top 10 listan riittävyys kyberturvallisessa verkkosovelluskehityksessä
title_txtP OWASP Top 10 -listan riittävyys kyberturvallisessa verkkosovelluskehityksessä
topic Tietojärjestelmätiede Information Systems Science 601 kyberturvallisuus kehittäminen tietoturva
topic_facet 601 Information Systems Science Tietojärjestelmätiede kehittäminen kyberturvallisuus tietoturva
url https://jyx.jyu.fi/handle/123456789/90856 http://www.urn.fi/URN:NBN:fi:jyu-202310276883
work_keys_str_mv AT jormakkatomi owasptop10listanriittävyyskyberturvallisessaverkkosovelluskehityksessä

Similar Items