The purpose of this course is to identify, analyse and experiment with the most common web application and web service vulnerabilities and different methods for avoiding them.
- Setting: introduction to web applications and services; typical application scenarios and associated security considerations and vulnerabilities.
- Analysis: in-depth analysis of the selected vulnerabilities and practical experimentation including identification and exploitation.
- Protection: review of different methods to protect against the vulnerabilities and practical application.
Learning outcomes: After completing the course, the student should:
- be familiar with web applications and web services specifics,
- understand the most common classes of vulnerabilities,
- be able to identify and analyse potential vulnerabilities in applications, and
- have both theoretical and practical knowledge of how to protect against the vulnerabilities.
Related industrial challenges addressed in the course:
- Protection against injection attacks.
- Protection against attacks on authentication and session management.
- Protection against sensitive data exposure.
Upcoming instances: September 2018
- Course title in Swedish: Webapplikationssäkerhet
- Course code: DVA456 (at MdH), MDH-24114 (at antagning.se)
- Course syllabus at Mälardalen University
- Autumn 2017 instance has been cancelled.
- Admission requirements: 120 credits, of which at least 80 credits in Computer Science and/or equivalent. In addition, at least 18 months of documented work experience in software development.