Information system security is a crucial aspect in maintaining the confidentiality and integrity of user data. The IITC Intermedia website of Amikom Purwokerto University serves as an information system for national events and stores participants' personal data, necessitating a security evaluation. This study aims to analyze vulnerabilities on the website using the Vulnerability Assessment method with the OWASP ZAP tool. The research process involves data collection, vulnerability scanning, result analysis based on the OWASP Top 10 2021 categories, and providing technical recommendations. The scan results revealed 23 vulnerabilities, consisting of 1 high-risk, 4 medium-risk, 9 low-risk, and 9 informational findings. Among these, 15 vulnerabilities fall under the OWASP Top 10 classification. Key vulnerabilities identified include the use of outdated JavaScript libraries, security header misconfigurations, and weaknesses in session management and access control. Based on these findings, several mitigation measures are recommended to strengthen system security. This study emphasizes the importance of implementing OWASP standards in the development and management of web-based information systems.