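Tjindarbumi, Adrian Aryasatya Putra (2026) Laporan Kerja Praktik Analisis dan Peningkatan Keamanan Sistem melalui SAST, Threat Modeling, dan OS Hardening pada PT Pertamina (Persero) [Internship Report: Analysis and Improvement of System Security through SAST, Threat Modeling, and OS Hardening at PT Pertamina (Persero)]. Project Report. [s.n], [s.l.]. (Unpublished)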
Text: 5025221262-Project_Report.pdf - Accepted Version (3MB), restricted to repository staff only.
Abstract
This internship was carried out at PT Pertamina (Persero), focusing on the analysis and improvement of information system security within the company environment. As reliance on digital systems to support business operations continues to increase, a comprehensive and integrated security approach is required across multiple layers of the system. The methodology used included application security analysis through Static Application Security Testing (SAST) and Software Composition Analysis (SCA), implementation of STRIDE-based threat modeling, and strengthening operational device security through OS hardening and debloating on the HyperOS operating system. The results showed that automated SAST and SCA scans were able to identify potential vulnerabilities; however, some findings were false positives, requiring further validation based on code context, library versions, and the runtime environment. The application of threat modeling enabled systematic identification of threats during the system design stage and the transformation of the results into a structured risk register through threat standardization and semi-quantitative risk quantification. In addition, the implementation of OS hardening and debloating contributed to reducing the attack surface and improving security controls on operational devices without compromising system stability. Overall, the internship results indicate that integrating application security analysis, threat modeling, and operating system strengthening can continuously improve the company’s information security posture.
| Item Type: | Monograph (Project Report) |
|---|---|
| Uncontrolled Keywords: | Information System Security, Static Application Security Testing (SAST), Software Composition Analysis (SCA), Threat Modeling, STRIDE, OS Hardening, Security Risk Management. |
| Subjects: | Q Science > QA Mathematics > QA76.9.A25 Computer security. Digital forensic. Data encryption (Computer science) |
| Divisions: | Faculty of Intelligent Electrical and Informatics Technology (ELECTICS) > Informatics Engineering > 55201-(S1) Undergraduate Thesis |
| Depositing User: | Adrian Aryasatya Putra Tjindarbumi |
| Date Deposited: | 03 Feb 2026 03:40 |
| Last Modified: | 03 Feb 2026 03:55 |
| URI: | http://repository.its.ac.id/id/eprint/130025 |
