| Paper Title | |
| Authors | Publication Year |
| Source | Evaluator |
| Assessment of Quality | 1 0 −1 |
| WAS risk evaluation is provided in detail in the study? |
|
| The clear guidelines are provided in the study to apply the WAS risk evaluation risk method? |
|
| The clear results are provided after application of the WAS risk evaluation methods? |
|
| The study under observation has been published in a relevant journal/conference? |
|
| The other authors also cited the study? |
|
| Extraction of Data for Questions | Answers |
| Which journals/conferences include papers on web application security? | Journal/Conf Name |
| What risks in web application security are addressed? | Risk Name |
| Which risk from OWASP Top 10 web application security risks is addressed? | From OWASP Top 10 |
| Which solutions of web application security have been proposed for web application development? |
|
| Which type WAS method employed? | 1. Testing 2. Inspection 3.Inquiry Analytical 4. Modeling Simulation |
| Which type of evaluation is performed by the WAS risk evaluation methods employed? | 1. Automated 2. Manual |
| WAS risk evaluation methods is applied in which phase(s) and web artifacts? | 1. Requirement 2. Design 3. implementation |
| Any feedback provided by the WAS evaluation methods? | 1. Yes 2. No |
| There is empirical validation of web application security issue(s)? | 1. Case study 2. Experiment 3. Survey 4. No |