Skip to main content

Web Application Security TestingLaajuus (5 cr)

Code: TT00CE17

Credits

5 op

Teaching language

  • English
  • Finnish

Responsible person

  • Joonatan Ovaska

Objective

The student learns to understand the most common causes related to the security of web applications, learns to use tools and methods for detecting and exploiting common web applications and knows how to propose corrections to the risks found.

EUR-ACE Knowledge and understanding
You know the basic methods related to the security of web applications by applying theory and practice. You understand their importance when you implement analysis for web applications.

EUR-ACE Engineering practice
You can analyze the security of web applications using related methods applying practice and theory.

Content

In this course, you will learn to understand the root causes of common web application security issues and use tools and methods to detect and exploit vulnerabilities in web applications. You will be able to provide remediation suggestions for identified risks. You will understand the basic methods related to web application security and their importance in analysis. The course equips you with the skills to analyze web application security in both practical and theoretical contexts.

This course deals with applied cyber security. We go through common web application vulnerabilities through several practical exercises, using mostly real examples.

We deal with various weaknesses related to web applications, such as identification of authentication, input validation, and configuration errors.
We discuss the current trends in the cyber security environment and their effects on the network.
Topics covered:
-OWASP TOP 10
-Bug Bounty

Qualifications

Auditing and Penetration Testing
Linux basics

Assessment criteria, satisfactory (1)

Sufficient (1)
The student knows and understands the basic concepts and theory related to the security of web applications. The student is able to use the tools needed to test the security of web applications with assistance. The student knows that risks related to the security of web applications affect users of web applications in many areas.

Satisfactory (2)
The student knows and understands the basic concepts related to the security of web applications and the related theory. The student knows how to use the tools needed to test the security of web applications in a guided manner. The student knows that the risks related to the security of web applications and their effects on web application users are multifaceted.

Assessment criteria, good (3)

Good (3)
The student knows and understands the basic concepts related to the security of web applications and the related theory in a versatile way. The student knows how to use the tools needed to test the security of web applications. The student knows the risks related to the security of web applications and their effects on web application users in various fields.

Very Good (4)
The student knows and understands the concepts related to the security of web applications and the related theory in a versatile way. The student knows how to use the tools needed to test the security of web applications in an advanced manner. The student knows the risks related to the security of web applications and their effects on multidisciplinary web application users and other stakeholders.

Assessment criteria, excellent (5)

Excellent (5)
The student knows and understands the concepts related to the security of web applications and the related theory excellently. The student knows how to use the tools needed to test the security of web applications in an advanced manner, and is able to use new tools independently. The student knows and understands the risks related to the security of web applications and their multidisciplinary effects on web application users and other stakeholders.