The purpose of this course is to identify, analyze and experiment with the most common web application and web service vulnerabilities and different methods for avoiding them.
- Setting: introduction to web applications and services; typical application scenarios and associated security considerations and vulnerabilities.
- Analysis: in-depth analysis of the selected vulnerabilities and practical experimentation including identification and exploitation.
- Protection: review of different methods to protect against the vulnerabilities and practical application.
Learning outcomes: After completing the course, the student should:
- be familiar with the specifics of web applications and web services,
- understand the most common classes of vulnerabilities,
- be able to identify and analyze potential vulnerabilities in applications, and
- have both theoretical and practical knowledge of how to protect against the vulnerabilities.
Related industrial challenges addressed in the course:
- Protection against injection attacks.
- Protection against attacks on authentication and session management.
- Protection against sensitive data exposure.
- Course title in Swedish: Praktisk cybersäkerhet
- Course code: DVA446 (at MdH), MDH-24019 (at antagning.se)
- Course syllabus at Mälardalen University
- Autumn 2018 instance at Mälardalen University
- Admission requirements: 120 credits of which at least 80 credits in technology or informatics, including at least 30 credits in programming or software development.
Applicants with at least 12 months of documented full-time work experience in software development have priority in the selection process.