Web Security

ICT2206

This module introduces students to the domain of web security, with a focus on web application security and the security of web application servers and infrastructure. Students will be introduced to common web application vulnerabilities and how such vulnerabilities could be exploited, from stealing data and bypassing authentication and business logic to more severe situations such as remotely executing code on the server.

Students will be given the opportunity to try these attacks out themselves using the tools and techniques taught, and to learn approaches to mitigate such threats. Students will also learn about web application servers and infrastructure, and how to configure them for security, as well as policy and governance aspects pertaining to web security.

The module consists of lectures and practical sessions, and students are assessed entirely through practical assessments and assignments.