• A
  • A
  • A
  • ABC
  • ABC
  • ABC
  • А
  • А
  • А
  • А
  • А
Regular version of the site
For visually-impairedFor visually-impairedUser profile (HSE staff only)Search
Advanced search
Menu
HSE University
  • HSE University
  • Student Theses
  • Design and Development of an Analytical Data Warehouse for Supporting the Process of Conducting Penetration Tests and Preparing Reports on the Results of Vulnerability Assessments

Design and Development of an Analytical Data Warehouse for Supporting the Process of Conducting Penetration Tests and Preparing Reports on the Results of Vulnerability Assessments

Student: Baly`kov Egor

Supervisor: Alexei Lipatnikov

Faculty: Graduate School of Business

Educational Programme: Business Informatics (Bachelor)

Year of Graduation: 2024

The threats to business from information security are increasing every day. The number of cyberattacks is rising with the growing profitability of such attacks, and the public is becoming aware of new methods of conducting cyberattacks, which often outpace developments in defense mechanisms and tools. All companies, regardless of their size or industry, are vulnerable to cyberattacks. There will always be ways to penetrate a business's infrastructure, due to various factors such as human error, vulnerabilities in the software or code used. Recognizing this fact allows companies to strive to stay one step ahead in identifying new vulnerabilities that could lead to reputational and financial losses. Conducting controlled penetration tests is one of the effective ways for companies to discover vulnerabilities in their products before others do. The outcome of penetration tests is a significant amount of data on the vulnerabilities found, which require prompt remediation and secure storage of such information. To enhance the efficiency and speed of addressing these vulnerabilities, it is necessary to implement new functionality into existing company information systems. Data warehouses are one of the popular solutions to such problems, often complemented by data marts. Subsequently, BI tools are also used, which present the stored information in a presentable form through visualization in graphs and tables. This work is dedicated to the design and development of an analytical data warehouse for supporting the process of conducting penetration tests and preparing reports on the identified vulnerabilities. Initially, an analysis of the penetration testing process will be carried out, and the necessary models for the data warehouse and data marts will be designed. Subsequently, everything will be implemented in the chosen database management system (DBMS), data will be entered, and visualized through import into a BI report. Such a solution positively impacts the company by accelerating the process of addressing vulnerabilities found during penetration testing and making decisions regarding pentests.

Student Theses at HSE must be completed in accordance with the University Rules and regulations specified by each educational programme.

Summaries of all theses must be published and made freely available on the HSE website.

The full text of a thesis can be published in open access on the HSE website only if the authoring student (copyright holder) agrees, or, if the thesis was written by a team of students, if all the co-authors (copyright holders) agree. After a thesis is published on the HSE website, it obtains the status of an online publication.

Student theses are objects of copyright and their use is subject to limitations in accordance with the Russian Federation’s law on intellectual property.

In the event that a thesis is quoted or otherwise used, reference to the author’s name and the source of quotation is required.

Search all student theses