Skip to main content
Link list
Choose language
siirry suomenkieliselle sivulle change language to english

Web Application Security (5 cr)

Code: TTKW0210-3001

General information

Enrollment
02.11.2020 - 30.11.2020
Registration for the implementation has ended.
Timing
15.02.2021 - 30.04.2021
Implementation has ended.
Number of ECTS credits allocated
5 cr
Local portion
0 cr
Virtual portion
5 cr
Mode of delivery
Online learning
Unit
School of Technology
Campus
Lutakko Campus
Teaching languages
English
Seats
0 - 32
Degree programmes
Bachelor's Degree Programme in Information and Communications Technology
Teachers
Joni Gadd
Heikki Salo
Teacher in charge
Joonatan Ovaska
Groups
TTV18S1
Tieto- ja viestintätekniikka
Course
TTKW0210
No reservations found for realization TTKW0210-3001!

Evaluation scale

0-5

Objective

This course enables the student to think about web application security in a holistic fashion. The student will learn an effective toolset and methodology for finding, exploiting, and fixing common web application vulnerabilities.

Content

This is a course about applied cyber security. We will consider common web application vulnerabilities through a series of hands-on exercises using real-world examples (mostly).

We will address various topics related to web and web applications, such as the browser security model, input validation, servlet containers, databases and injections.

We will address current trends in cyber security landscape, and their effect on the web.

Materials

Materials in the e-learning environment.

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- small group learning
- exercises
- learning tasks
- seminars

Employer connections

- visiting lecturers
- projects

Exam schedules

The possible date and method of the exam will be announced in the course opening.

Completion alternatives

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 52 h
- exercises 15 h
- assignment 35 h
- independent study 33 h
Total 135 h

Assessment criteria, satisfactory (1)

Excellent 5: The student is able to independently find, exploit, and mitigate common web application vulnerabilities. The student is able to create and modify exploits to achieve the desired goals and write a succinct report that covers all the salient findings and mitigation recommendations for all vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.

Very good 4: The student is able to find and mitigate common web application vulnerabilities. The student is able to modify and create simple exploits to achieve the desired goals and write a report that covers findings and mitigation recommendations for most vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.

Good 3: The student is able to find and mitigate common web application vulnerabilities. The student is able to understand the working principles of existing exploit techniques and write a report that covers most findings and mitigation recommendations for most vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.

Satisfactory 2: The student is able to find common web application vulnerabilities. The student is able to understand the working principles of existing exploit techniques and write a report that covers most findings and mitigation recommendations for most vulnerability types addressed by this course. The student is able to update their knowledge independently by following various news and research outlets.


Sufficient 1: The student is able to find simple web application vulnerabilities. The student is able to understand the basics of existing exploit techniques and write a report that covers findings and mitigation recommendations for some vulnerability types addressed by this course. The student is able to find information about major news and events.

0: The student does not meet the criteria set for grade 1.

The learning outcomes of individual courses are assessed in relation to the objectives of the course concerned. Unless otherwise defined in the curriculum, a course accepted as completed is assessed either on the following five-step scale: 5 (Excellent), 4 (Very Good), 3 (Good), 2 (Satisfactory), 1 (Sufficient) or it is graded as Pass/Fail, marked as “S (Pass)” and “0 (Fail)”.
If the student does not meet the minimum criteria set for the course, the grade is 0 (Fail).

Qualifications

The course requires a solid understanding of programming and previous experience in web technologies. The student must be comfortable using command line tools.

Further information

Note: Limitations of the COVID-19 situation

Go back to top of page