Master's Thesis Moritz Hüther

---

Reducing Web Application Vulnerabilities through the Informed Choice of Webframeworks, Libraries and Automated Tools

Abstract

Web-based applications are becoming a common choice for companies to deliver their services to their customers. In order to do so, they store data relating to their customers, making them a target for cybercriminals. These criminals make use of a variety of different errors and the vulnerabilities they cause to take control of the system, steal data or make the system unavailable. The costs generated through such attacks are rising annually, thus the security of web applications should be of a high priority. Therefore, the selection of an appropriate technology stack should be carried out with security in mind.
This thesis proposes an evaluation of used web application frameworks, libraries, and automated tools which are commonly used nowadays. The evaluation highlights different levels of security that can be achieved through the selection of common solutions containing web framework-native functionalities in combination with third-party libraries. Finally, automated tools such as Static Application Security Testing tools will be evaluated based on the level of support they give to make the previously defined solutions more secure. The result of these evaluations will give an overview of the coverage of vulnerabilities through these solutions and tools.

---

Attribute	Value
Title (de)	Reduzierung der Schwachstellen von Webapplikationen durch die bewusste Wahl von Webframeworks, Bibliotheken und automatisierten Werkzeugen
Title (en)	Reducing Web Application Vulnerabilities through the Informed Choice of Webframeworks, Libraries and Automated Tools
Project
Type	Master's Thesis
Status	completed
Student	Moritz Hüther
Advisor	Dr. Sascha Nägele
Supervisor	Prof. Dr. Florian Matthes
Start Date	15.12.2020
Sebis Contributor Agreement signed on	02.12.2020
Checklist filled	Yes
Submission date	15.06.2021