Siirry suoraan sisältöön

Application SecurityLaajuus (5 op)

Tunnus: 3011640

Laajuus

5 op

Osaamistavoitteet

After completing the course the student is able to:
- Understand common application security threats, vulnerabilities, and attacks
- Evaluate the technical and business impacts of different kinds of attacks
- Describethe security principles for developing high security web applications
- participate in high security web applications developing projects
- use security testing tools
- analyse and report the results from security testing
- give justified improvement proposals to mitigate security vulnerabilities

Sisältö

- Network discovery, port and service identification
- Vulnerability scanning and penetration testing
- Web application security threats, vulnerabilities, and attacks
- The impacts of security breaches
- Web application security principles
- Implementing a secure web application
- Web application security organizations

Ilmoittautumisaika

02.07.2024 - 06.09.2024

Ajoitus

02.09.2024 - 13.12.2024

Opintopistemäärä

5 op

Toteutustapa

Lähiopetus

Yksikkö

Tekniikka ja liiketoiminta

Toimipiste

Kupittaan kampus

Opetuskielet
  • Englanti
Opettaja
  • Jani Ekqvist
Ryhmät
  • PTIETS22swis
    PTIETS22 Ohjelmistojen kehittäminen ja tietojärjestelmät

Tavoitteet

After completing the course the student is able to:
- Understand common application security threats, vulnerabilities, and attacks
- Evaluate the technical and business impacts of different kinds of attacks
- Describethe security principles for developing high security web applications
- participate in high security web applications developing projects
- use security testing tools
- analyse and report the results from security testing
- give justified improvement proposals to mitigate security vulnerabilities

Sisältö

- Network discovery, port and service identification
- Vulnerability scanning and penetration testing
- Web application security threats, vulnerabilities, and attacks
- The impacts of security breaches
- Web application security principles
- Implementing a secure web application
- Web application security organizations

Oppimateriaalit

Online material, provided through ItsLearning.

Opetusmenetelmät

Lectures
Self-Study with online materials
Laboratory Work
Project Work

Tenttien ajankohdat ja uusintamahdollisuudet

none

Pedagogiset toimintatavat ja kestävä kehitys

Lectures and self-study with online materials
Laboratory Work
Project Work

Sustainable development is not applicable.

Toteutuksen valinnaiset suoritustavat

none

Opiskelijan ajankäyttö ja kuormitus

Lectures 12h
Self-Study with online materials 40h
Laboratory Work 40h
Project Work 40h
Project presentations and reflection 3h

Sisällön jaksotus

Period 3:
- Application security threats, vulnerabilities, and attacks
- Application security principles
- Application security organizations and standards

Period 4:
- Designing and implementing a secure web application
- Building secure continuous development and operations environment

Viestintäkanava ja lisätietoja

All communication is through ItsLearning.

Arviointiasteikko

H-5

Arviointimenetelmät ja arvioinnin perusteet

The evaluation is based on:
- Homework assignments, 35% of grade
- Laboratory assignments, 35% of grade
- Project work, 30% of grade
Attendance is mandatory during contact hours to receive the points for the individual assignments and project work for proper assessment of learning.
Grading scale for completed assignments in each category is:
< 50% - Fail
50 - 59% - 1
60 - 69% - 2
70 - 79% - 3
80 - 89% - 4
90 - 100% - 5

Hylätty (0)

Student has incomplete understanding of application security and is unable to design and implement a secure software development process.

Arviointikriteerit, tyydyttävä (1-2)

Student is able to design, implement or operate a secure continuous development process with supervision.
Student has knowledge of application security threats, vulnerabilities and attacks, and understands the impacts of a security breach. Student is somewhat familiar with application security organizations and standards.

Arviointikriteerit, hyvä (3-4)

Student is able to design and implement a secure continuous development process with supervision and operate it competently.
Student understands application security threats, vulnerabilities and attacks, and can mitigate the impacts of a security breach. Student is familiar with application security organizations and standards, and is able to utilize them in their work.

Arviointikriteerit, kiitettävä (5)

Student is able to design and implement a secure continuous development process without supervision and operate it competently.
Student has an excellent understanding of application security threats, vulnerabilities and attacks, and can mitigate the impacts of a security breach. Student is familiar with application security organizations and standards, and is able to utilize them to create effective security processes.

Ilmoittautumisaika

01.05.2023 - 14.09.2023

Ajoitus

04.09.2023 - 15.12.2023

Opintopistemäärä

5 op

Toteutustapa

Lähiopetus

Yksikkö

Tekniikka ja liiketoiminta

Toimipiste

Kupittaan kampus

Opetuskielet
  • Suomi
  • Englanti
Paikat

15 - 40

Opettaja
  • Jani Ekqvist
Ryhmät
  • PTIETS21swis
    PTIETS21 Ohjelmistojen kehittäminen ja Tietojärjestelmät
  • ICTMODictprojSem
    MOD ICT Projects & Cybersecurity (International Semester)
  • ICT_MOD_UPV_23
    mahdolliset Valenciasta tulevat vaihtarit

Tavoitteet

After completing the course the student is able to:
- Understand common application security threats, vulnerabilities, and attacks
- Evaluate the technical and business impacts of different kinds of attacks
- Describethe security principles for developing high security web applications
- participate in high security web applications developing projects
- use security testing tools
- analyse and report the results from security testing
- give justified improvement proposals to mitigate security vulnerabilities

Sisältö

- Network discovery, port and service identification
- Vulnerability scanning and penetration testing
- Web application security threats, vulnerabilities, and attacks
- The impacts of security breaches
- Web application security principles
- Implementing a secure web application
- Web application security organizations

Arviointiasteikko

H-5

Ilmoittautumisaika

20.07.2022 - 15.09.2022

Ajoitus

29.08.2022 - 16.12.2022

Opintopistemäärä

5 op

Toteutustapa

Lähiopetus

Yksikkö

Tekniikka ja liiketoiminta

Toimipiste

Kupittaan kampus

Opetuskielet
  • Suomi
  • Englanti
Paikat

40 - 50

Koulutus
  • Tietojenkäsittelyn koulutus
Opettaja
  • Jani Ekqvist
Ryhmät
  • ICTMODictprojSem
    MOD ICT Projects & Cybersecurity (International Semester)
  • PTIETS20swis
    PTIETS20 Ohjelmistojen kehittäminen ja Tietoturva

Tavoitteet

After completing the course the student is able to:
- Understand common application security threats, vulnerabilities, and attacks
- Evaluate the technical and business impacts of different kinds of attacks
- Describethe security principles for developing high security web applications
- participate in high security web applications developing projects
- use security testing tools
- analyse and report the results from security testing
- give justified improvement proposals to mitigate security vulnerabilities

Sisältö

- Network discovery, port and service identification
- Vulnerability scanning and penetration testing
- Web application security threats, vulnerabilities, and attacks
- The impacts of security breaches
- Web application security principles
- Implementing a secure web application
- Web application security organizations

Arviointiasteikko

H-5