Evaluation of methodologies in web application security: A systematic literature review
DOI:
https://doi.org/10.18687/LACCEI2025.1.1.526
Keywords:
cyberattacks, vulnerabilities, SQL injection, Cross-Site Scripting, methodologies.
Abstract
The increasing reliance on web applications in organizations requires effective protection of sensitive data to maintain user trust. However, the diversity of methodologies to evaluate the security of these applications makes it difficult to select the most effective ones, exposing them to vulnerabilities such as SQL injection and Cross-Site Scripting attacks. This study aimed to analyze how static and dynamic analysis methodologies, together with automated and manual tools, contribute to identifying and mitigating these vulnerabilities. Through a systematic review of the literature, structured under the PICO technique, searches were carried out in databases such as Scopus, obtaining 1,279 initial documents. Through a PRISMA flowchart and considering the inclusion and exclusion criteria, 53 final studies were selected for analysis. The results highlight the need to develop standardized criteria that facilitate the choice of more effective methodologies to guarantee the security of web applications. However, a lack of consensus on optimal approaches was identified, representing a significant challenge for security professionals. In conclusion, although there are promising tools and methods, the diversity and absence of standardization limit their practical implementation, evidencing the importance of new research to close these gaps and move towards safer web environments.
Published
2025-04-09
Issue
Section
Articles
License
Copyright 2025 LACCEI

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
How to cite
Quesquen Farroñay, J. A., Bances Quevedo, J. J., Garces Rosendo, E. J., & Osores Granda, O. E. (2025). Evaluation of methodologies in web application security: A systematic literature review. LACCEI, 1(12). https://doi.org/10.18687/LACCEI2025.1.1.526