Skip to main content
Link list
Choose language
siirry suomenkieliselle sivulle change language to english

Web Application Security Testing (5cr)

Code

General information

Enrollment
17.11.2025 - 08.01.2026
Registration for introductions has not started yet.
Timing
12.01.2026 - 30.04.2026
The implementation has not yet started.
Number of ECTS credits allocated
5 cr
Local portion
5 cr
Mode of delivery
Face-to-face
Unit
School of Technology
Campus
Lutakko Campus
Teaching languages
Finnish
Seats
0 - 35
Degree programmes
Bachelor's Degree Programme in Information and Communications Technology
Teachers
Joonatan Ovaska
Groups
TTV24S1
Tieto- ja viestintätekniikka (AMK)
Course
TT00CE17

Unfortunately, no reservations were found for the realization Web Application Security Testing TT00CE17-3001. It's possible that the reservations have not yet been published or that the realization is intended to be completed independently.

Evaluation scale

0-5

Content scheduling

Assignments have weekly deadlines.

We go through OWASP TOP10 2021 list week by week basis and we do assignments based on those topics.

Objective

The student learns to understand the most common causes related to the security of web applications, learns to use tools and methods for detecting and exploiting common web applications and knows how to propose corrections to the risks found.

EUR-ACE Knowledge and understanding
You know the basic methods related to the security of web applications by applying theory and practice. You understand their importance when you implement analysis for web applications.

EUR-ACE Engineering practice
You can analyze the security of web applications using related methods applying practice and theory.

Content

In this course, you will learn to understand the root causes of common web application security issues and use tools and methods to detect and exploit vulnerabilities in web applications. You will be able to provide remediation suggestions for identified risks. You will understand the basic methods related to web application security and their importance in analysis. The course equips you with the skills to analyze web application security in both practical and theoretical contexts.

This course deals with applied cyber security. We go through common web application vulnerabilities through several practical exercises, using mostly real examples.

We deal with various weaknesses related to web applications, such as identification of authentication, input validation, and configuration errors.
We discuss the current trends in the cyber security environment and their effects on the network.
Topics covered:
-OWASP TOP 10
-Bug Bounty

Materials

Materials in the e-learning environment and the book: 978-1-59327-861-8 Real-world bug hunting : a field guide to web hacking

Teaching methods

- lectures
- independent study
- distance learning
- webinars
- exercises
- learning tasks
- book

Exam schedules

No exam, assessment is based on assignments.

Completion alternatives

The admission procedures are described in the degree rule and the study guide. The teacher of the course will give you more information on possible specific course practices.

Student workload

One credit (1 Cr) corresponds to an average of 27 hours of work.

- lectures 20 h
- reading assignments 15 h
- independent study 40 h
- assignment solving 50 h
- assignment reporting 10 h
Total 135 h

Assessment criteria, satisfactory (1)

Sufficient (1)
The student knows and understands the basic concepts and theory related to the security of web applications. The student is able to use the tools needed to test the security of web applications with assistance. The student knows that risks related to the security of web applications affect users of web applications in many areas.

Satisfactory (2)
The student knows and understands the basic concepts related to the security of web applications and the related theory. The student knows how to use the tools needed to test the security of web applications in a guided manner. The student knows that the risks related to the security of web applications and their effects on web application users are multifaceted.

Assessment criteria, good (3)

Good (3)
The student knows and understands the basic concepts related to the security of web applications and the related theory in a versatile way. The student knows how to use the tools needed to test the security of web applications. The student knows the risks related to the security of web applications and their effects on web application users in various fields.

Very Good (4)
The student knows and understands the concepts related to the security of web applications and the related theory in a versatile way. The student knows how to use the tools needed to test the security of web applications in an advanced manner. The student knows the risks related to the security of web applications and their effects on multidisciplinary web application users and other stakeholders.

Assessment criteria, excellent (5)

Excellent (5)
The student knows and understands the concepts related to the security of web applications and the related theory excellently. The student knows how to use the tools needed to test the security of web applications in an advanced manner, and is able to use new tools independently. The student knows and understands the risks related to the security of web applications and their multidisciplinary effects on web application users and other stakeholders.

Qualifications

Cyber Security
Linux basics

Further information

No exam, assessment is based on assignments.

Go back to top of page