ABSTRACT

University web applications can contain numerous vulnerabilities, and many known and unknown attacks are capable of exploiting them. This article presents a security architecture for enhancing the security of educational institutions’ online applications. In the first phase, vulnerability discovery, the Acunetix Vulnerability Scanner, the Open Vulnerability Assessment System, and the Zaproxy Scanner are used on the educational institution’s network. This phase finds all noticeable weaknesses in the network and evaluates the severity of every vulnerability found. In the second phase, penetration testing is performed to validate the flaws found in the initial phase. Cross-site scripting and SQL injection attacks were detected in the first phase and confirmed in the second, and are addressed by the corrective mitigation strategy of phase three. This framework enhances the security of an educational institution’s network by identifying vulnerabilities, confirming them, and then proposing a mitigation plan to counter all of the identified vulnerabilities.