Palabras Claves-Vulnerabilidades, OWASP, ataques web, PHP, programación segura, seguridad web.Abstract-Currently, most web applications contain security vulnerabilities. Probably, it is due to lack of culture of the developers or the absence of specific coding techniques. We analyzed certain works related, but we consider that they do not define detailed programming techniques, nor do they focus on a specific programming language. This work proposes a set of secure programming techniques to reduce vulnerabilities in web applications using the PHP. For this, ten vulnerabilities were determined using the OWASP TOP-10 recommendations. Then, the seven techniques are presented and their respective way of implementing them. The techniques are validated; the vulnerabilities of a web application are measured in two scenarios; with and without the implementation of the proposed techniques. The results show that the use of the proposed techniques is significantly related to the number of vulnerabilities found and therefore improves the level of security of web applications.
Desarrollo de capacidades de investigación para estudiantes universitarios mediante el uso de estrategias instruccionales en entornos virtuales de aprendizaje Developing research capacities for undergraduate students using
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.