Evaluation of methodologies in web application security: A systematic literature review

Authors

  • Jose Alfredo Quesquen Farroñay, Universidad Tecnológica del Perú (UTP), Peru
  • Jhair Julio Bances Quevedo, Universidad Tecnológica del Perú (UTP), Peru
  • Eduardo Jesús Garces Rosendo, Universidad Tecnológica del Perú (UTP), Peru
  • Oscar Enrique Osores Granda, Universidad Tecnológica del Perú (UTP), Peru

DOI:

https://doi.org/10.18687/LACCEI2025.1.1.526

Keywords:

cyberattacks, vulnerabilities, SQL injection, Cross-Site Scripting, methodologies.

Abstract

The increasing reliance on web applications in organizations requires effective protection of sensitive data to maintain user trust. However, the diversity of methodologies to evaluate the security of these applications makes it difficult to select the most effective ones, exposing them to vulnerabilities such as SQL injection and Cross-Site Scripting attacks. This study aimed to analyze how static and dynamic analysis methodologies, together with automated and manual tools, contribute to identifying and mitigating these vulnerabilities. Through a systematic review of the literature, structured under the PICO technique, searches were carried out in databases such as Scopus, obtaining 1,279 initial documents. Through a PRISMA flowchart and considering the inclusion and exclusion criteria, 53 final studies were selected for analysis. The results highlight the need to develop standardized criteria that facilitate the choice of more effective methodologies to guarantee the security of web applications. However, a lack of consensus on optimal approaches was identified, representing a significant challenge for security professionals. In conclusion, although there are promising tools and methods, the diversity and absence of standardization limit their practical implementation, evidencing the importance of new research to close these gaps and move towards safer web environments.

Published

2025-04-09

How to Cite

Quesquen Farroñay, J. A., Bances Quevedo, J. J., Garces Rosendo, E. J., & Osores Granda, O. E. (2025). Evaluation of methodologies in web application security: A systematic literature review. LACCEI, 1(12). https://doi.org/10.18687/LACCEI2025.1.1.526
