Application Security (5 cr)
Code: 3011640-3006
General information
- Enrollment
- 01.06.2025 - 12.09.2025
- Registration for the implementation has begun.
- Timing
- 01.09.2025 - 19.12.2025
- The implementation has not yet started.
- Number of ECTS credits allocated
- 5 cr
- Local portion
- 5 cr
- Mode of delivery
- Contact learning
- Unit
- Engineering and Business
- Campus
- Kupittaa Campus
- Teaching languages
- Finnish
- Seats
- 15 - 40
- Degree programmes
- Degree Programme in Business Information Technology
- Degree Programme in Information and Communication Technology
- Teachers
- Jani Ekqvist
- Groups
  - PTIETS23swis Software Development and Information Systems
  - PTIVIS23swis Software Development and Information Systems
- Course
- 3011640
Realization has 14 reservations. Total duration of reservations is 41 h 0 min.
Time | Topic | Location |
---|---|---|
Wed 10.09.2025 time 08:00 - 10:00 (2 h 0 min) | Application Security 3011640-3006 | ICT_C1042_Myy MYY |
Thu 11.09.2025 time 11:00 - 14:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 15.09.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 22.09.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 29.09.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 06.10.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 20.10.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 03.11.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 10.11.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 17.11.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 24.11.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 01.12.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 08.12.2025 time 12:00 - 15:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Mon 15.12.2025 time 11:00 - 14:00 (3 h 0 min) | Application Security 3011640-3006 | ICT_C3036 Cyberlab / BYOD |
Evaluation scale
H-5
Content scheduling
Period 3:
- Designing and implementing a secure web application
- Building a secure continuous development and operations environment
Period 4:
- Application security threats, vulnerabilities, and attacks
- Application security principles
- Application security organizations and standards
Objective
After completing the course the student is able to:
- Understand common application security threats, vulnerabilities, and attacks
- Evaluate the technical and business impacts of different kinds of attacks
- Describe the security principles for developing high-security web applications
- Participate in high-security web application development projects
- Use security testing tools
- Analyse and report the results from security testing
- Give justified improvement proposals to mitigate security vulnerabilities
Content
- Network discovery, port and service identification
- Vulnerability scanning and penetration testing
- Web application security threats, vulnerabilities, and attacks
- The impacts of security breaches
- Web application security principles
- Implementing a secure web application
- Web application security organizations
Materials
Online material, provided through ItsLearning.
Teaching methods
Lectures
Self-Study with online materials
Laboratory Work
Project Work
Exam schedules
none
Pedagogic approaches and sustainable development
Lectures and self-study with online materials
Laboratory Work
Project Work
Sustainable development is not applicable.
Completion alternatives
none
Student workload
Lectures 12h
Self-Study with online materials 40h
Laboratory Work 40h
Project Work 40h
Project presentations and reflection 3h
Evaluation methods and criteria
The evaluation is based on:
- Homework assignments, 35% of grade
- Laboratory assignments, 35% of grade
- Project work, 30% of grade
The student must receive a passing grade in each category to pass the course.
Attendance during contact hours is mandatory to receive the points for the individual assignments and project work, so that learning can be properly assessed.
Grading scale for completed assignments in each category is:
< 50% - Fail
50 - 59% - 1
60 - 69% - 2
70 - 79% - 3
80 - 89% - 4
90 - 100% - 5
Failed (0)
Student has incomplete understanding of application security and is unable to design and implement a secure software development process.
Assessment criteria, satisfactory (1-2)
Student is able to design, implement or operate a secure continuous development process with supervision.
Student has knowledge of application security threats, vulnerabilities and attacks, and understands the impacts of a security breach. Student is somewhat familiar with application security organizations and standards.
Assessment criteria, good (3-4)
Student is able to design and implement a secure continuous development process with supervision and operate it competently.
Student understands application security threats, vulnerabilities and attacks, and can mitigate the impacts of a security breach. Student is familiar with application security organizations and standards, and is able to utilize them in their work.
Assessment criteria, excellent (5)
Student is able to design and implement a secure continuous development process without supervision and operate it competently.
Student has an excellent understanding of application security threats, vulnerabilities and attacks, and can mitigate the impacts of a security breach. Student is familiar with application security organizations and standards, and is able to utilize them to create effective security processes.
Further information
All communication is through ItsLearning.