Penerapan Secure Coding Sebagai Cyber Security Based Pada PT. Industri Karet Deli
Kata Kunci:
Secure Coding, Cyber Security, OWASP, Information Systems, PT. Deli Rubber IndustryAbstrak
Cyber security is a crucial aspect in maintaining the integrity, confidentiality, and availability of a company's information systems. PT. Industri Karet Deli, as one of the national manufacturing companies that has implemented digital systems in its operations, faces significant challenges in terms of potential cyber threats. This study aims to apply secure coding principles as the basis for strengthening cyber security systems. The methods used include identifying security vulnerabilities in the company's internal applications, evaluating the source code, and implementing secure coding practices in accordance with OWASP (Open Web Application Security Project) standards. The research results show that the systematic implementation of secure coding can reduce system vulnerabilities by up to 60% compared to before implementation. These findings emphasize the importance of integrating security from the early stages of software development to create systems that are resilient to cyber attacks. Recommendations from this study include regular training for development teams and the adoption of code review policies as part of the continuous system development process.
Unduhan
Referensi
J. Andress, The basics of information security: Understanding the fundamentals of InfoSec in theory and practice. Syngress, 2014.
M. Howard and S. Lipner, The security development lifecycle: A process for developing demonstrably more secure software. Microsoft Press, 2006.
F. Wadly, Z. Ramadhan, M. Muslim, and D. A. Sitompul, "Design of tidal height monitoring equipment based on the Internet of Things for the preservation of mangroves at Kurnia My Darling Beach," in Proceeding of International Conference on Artificial Intelligence, Navigation, Engineering, and Aviation Technology (ICANEAT), vol. 1, no. 1, pp. 472-476, Nov. 2024.
M. Yusuf, A. Sanny, and Z. Ramadhan, "Deposit strategy of easy wadiah savings fund at Bank Syariah Indonesia," Lead Journal of Economy and Administration, vol. 2, no. 3, pp. 125-138, 2024.
Z. Ramadhan and H. Kurniawan, "Use of a mobile-based online public complaint system in Kebun Kelapa Village," International Journal of Computer Sciences and Mathematics Engineering, vol. 2, no. 2, pp. 90-99, 2023.
F. Wadly, Z. Ramadhan, and D. A. Sitompul, "Internet of Things based tidal monitoring system at Kurnia My Darling Beach," Journal of Information Technology, Computer Science and Electrical Engineering, vol. 1, no. 3, pp. 436-443, 2024.
Z. Ramadhan, F. Wadly, and G. C. Ananda, "E-commerce application design with web-based CodeIgniter framework," Journal of Information Technology, Computer Science and Electrical Engineering, vol. 1, no. 3, pp. 96-105, 2024.
[8] Z. Ramadhan and G. C. Ananda, "Implementation of cloud computing database system in education sector for student learning in higher education," PROSIDING FAKULTAS TEKNIK DAN ILMU KOMPUTER UNIVERSITAS DHARMAWANGSA, vol. 1, no. 1, pp. 161-169, 2024.
G. McGraw, Software security: Building security in. Addison-Wesley, 2006.
OWASP Foundation, "OWASP top ten web application security risks," 2021. [Online]. Available: https://owasp.org/www-project-top-ten/. [Accessed: 16-Jun-2025].
ISO/IEC 27001:2013, Information technology – Security techniques – Information security management systems – Requirements. International Organization for Standardization, 2013.
D. Kurniawan, Keamanan jaringan dan sistem informasi. Deepublish, 2020.
A. Ramadhani and N. Fitriani, "Analisis penerapan secure coding pada aplikasi web berbasis framework Laravel," Jurnal Teknologi dan Keamanan Informasi, vol. 9, no. 2, pp. 115-123, 2022.
A. Widodo, Pengantar keamanan sistem informasi. Informatika, 2019.
Kaspersky Lab, "What is cybersecurity?" 2023. [Online]. Available: https://www.kaspersky.com/resource-center/definitions/what-is-cyber-security. [Accessed: 16-Jun-2025].
R. A. Budi and D. Santoso, "Evaluasi keamanan aplikasi web menggunakan OWASP ZAP," Jurnal Teknik Informatika dan Sistem Informasi, vol. 7, no. 1, pp. 89-97, 2021.
OWASP Foundation, "OWASP top ten web application security risks," 2021.
M. Howard and S. Lipner, The security development lifecycle. Microsoft Press, 2006.
G. McGraw, Software security: Building security in. Addison-Wesley, 2006.
SANS Institute, "Secure coding practices checklist," 2020.
ISO/IEC 27001:2013, Information security management systems.
Unduhan
Diterbitkan
Cara Mengutip
Terbitan
Bagian
Lisensi
Artikel ini berlisensiCreative Commons Attribution-ShareAlike 4.0 International License.
HAK CIPTA
Hak cipta atas artikel apapun pada Jurnal Nasional Teknologi Komputer (JNASTEK) dipegang penuh oleh penulisnya dibawah lisensi Creative Commons Attribution-ShareAlike 4.0 International License.
1. Penulis mengakui bahwa Jurnal Nasional Teknologi Komputer (JNASTEK) berhak sebagai yang mempublikasikan pertama kali dengan lisensi Creative Commons Attribution-ShareAlike 4.0 International License - CC BY-SA.
2. Penulis dapat memasukan tulisan secara terpisah, mengatur distribusi non-ekskulif dari naskah yang telah terbit di jurnal ini kedalam versi yang lain (misal: dikirim ke respository institusi penulis, publikasi kedalam buku, dll), dengan mengakui bahwa naskah telah terbit pertama kali pada Jurnal Nasional Teknologi Komputer (JNASTEK).
LISENSI
Jurnal Nasional Teknologi Komputer (JNASTEK) diterbitkan berdasarkan ketentuan Creative Commons Attribution-ShareAlike 4.0 International License. Lisensi ini mengizinkan setiap orang untuk menyalin dan menyebarluaskan kembali materi ini dalam bentuk atau format apapun, menggubah, mengubah, dan membuat turunan dari materi ini untuk kepentingan apapun, termasuk kepentingan komersial, selama mereka mencantumkan kredit kepada Penulis atas ciptaan asli.
