A Hybrid Cybersecurity Framework for Web Vulnerability Detection and Insider Threat Monitoring Using SIEM Techniques
Prof. Mohammad Asif, Dhruv Darji
Assistant Professor, Department of Computer Science and Engineering,
Parul Institute of Technology, Parul University, Gujarat, India
Students of Computer Science and Engineering, Parul Institute of
Engineering and Technology, Parul University, Gujarat, India
ABSTRACT
Modern web-based SaaS platforms face an ever-expanding threat landscape encompassing external vulnerabilities, misconfigurations, and insider threats. Traditional static security tools are insufficient to address the dynamic, multi-layered nature of these risks in cloud-hosted travel-technology environments. This paper presents a Hybrid Cybersecurity Framework (HCF) designed for the FlyAnyTrip SaaS platform that integrates active web vulnerability scanning with Security Information and Event Management (SIEM) techniques to deliver comprehensive, real-time threat detection. The proposed Python-based scanner systematically identifies open ports, missing HTTP security headers, SQL injection vectors, Cross-Site Scripting (XSS) weaknesses, directory traversal vulnerabilities, and insecure form handling. Complementing this, a lightweight SIEM module aggregates log data, correlates anomalous user-behavior events, and flags insider threat indicators such as after-hours access, privilege escalation attempts, and mass data exfiltration patterns. Evaluation across three simulated FlyAnyTrip environments demonstrated a vulnerability detection rate of 94.3%, an insider-threat alert accuracy of 91.7%, and a false-positive rate of 6.8%. The framework produces structured, actionable security reports aligned with OWASP Top 10, NIST SP 800-53, and ISO/IEC 27001 controls. Results confirm that the hybrid approach outperforms standalone scanners and rule-based SIEM solutions, providing a scalable, cost-effective security posture for SaaS travel platforms.
Keywords: Web vulnerability scanning, SIEM, insider threat detection, Python security tools, OWASP, SaaS security, open port scanning, SQL injection, XSS, security headers, FlyAnyTrip, hybrid cybersecurity framework.
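The three insider-threat indicators named in the abstract (after-hours access, privilege escalation attempts, mass data exfiltration) can be illustrated with a small rule-and-correlation sketch. This is an added example, not the paper's code: the event format, action names, business hours, volume threshold and severity mapping are all assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Assumed policy values; the paper does not state its thresholds.
BUSINESS_HOURS = range(8, 19)      # 08:00-18:59 local time
EXFIL_BYTES = 500 * 1024 * 1024    # per-user download volume per day
PRIV_ACTIONS = {"sudo_denied", "role_change_denied"}  # hypothetical action names

# Constructed sample events: (ISO timestamp, user, action, bytes transferred).
SAMPLE_EVENTS = [
    ("2024-03-04T10:15:00", "alice", "download", 20_000_000),
    ("2024-03-04T23:40:00", "bob", "login", 0),
    ("2024-03-04T23:42:00", "bob", "role_change_denied", 0),
    ("2024-03-04T23:50:00", "bob", "download", 300_000_000),
    ("2024-03-04T23:58:00", "bob", "download", 350_000_000),
    ("2024-03-04T14:05:00", "carol", "sudo_denied", 0),
]

def detect(events):
    """Return {user: sorted list of indicators} for users with at least one."""
    hits = defaultdict(set)
    volume = defaultdict(int)  # (user, date) -> bytes downloaded that day
    for ts, user, action, nbytes in events:
        when = datetime.fromisoformat(ts)
        if when.hour not in BUSINESS_HOURS:
            hits[user].add("after_hours_access")
        if action in PRIV_ACTIONS:
            hits[user].add("privilege_escalation_attempt")
        if action == "download":
            volume[(user, when.date())] += nbytes
            if volume[(user, when.date())] > EXFIL_BYTES:
                hits[user].add("mass_data_exfiltration")
    return {u: sorted(i) for u, i in hits.items()}

def severity(indicators):
    """Correlation step: co-occurring indicators raise the alert level."""
    return {1: "low", 2: "medium"}.get(len(indicators), "high")

def alerts(events):
    """Map each flagged user to (severity, indicators)."""
    return {u: (severity(i), i) for u, i in detect(events).items()}

if __name__ == "__main__":
    for user, (level, indicators) in alerts(SAMPLE_EVENTS).items():
        print(f"{user}: {level} {indicators}")
```

A single in-hours denied privilege request stays a low-severity alert, while the same indicator combined with after-hours activity and a large cumulative download is raised to high, which is the kind of correlation that keeps single-rule noise out of the alert queue.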