Security

The purpose of this course is to introduce security practices within the Software Development Lifecycle (SDLC) at the requirements, design, implementation, verification, and after release stages of software development. This course is the guide to the cybersecurity issues arising throughout the entire development process. We consider the development from the security perspective from the beginning stage until the final release and beyond. The course is adapted to give a solid introduction to non-security-experts mainly and addresses both how professionals (developers, managers, decision-makers) can utilize security to improve (software-based) products/services, and how they are affected by security issues and challenges. Whether you are a software developer in a bank or telecom company, or you are a product manager in a gaming company, this course will be relevant for you.

The course covers a comprehensive range of topics aimed at securing operating systems against various threats. It begins with an exploration of different hardening approaches, identification of default configuration weaknesses, and the implementation of the Zero-Trust model for network security. Participants learn to manage trusted sources for Linux installations and third-party software, as well as the significance of drivers and libraries signing. The course addresses OS patching and updating processes for Windows and Linux, cryptography for encrypting storage in both environments, and certificates management for secure communication. Participants also gain knowledge and skills in access and authentication methods, including the Least Privilege Principle, Role-Based Access Control (RBAC), and privilege access management tools.

This course covers areas of legal and ethical implications of ethical hacking. It also introduces detection and exploitation of vulnerabilities in IT infrastructure, including different reconnaissance techniques. The course provides in-depth understanding of the penetration testing phases, various attack vectors, and preventative countermeasures. The course encompasses that the student should learn to understand and discover weaknesses and vulnerabilities in information systems, perform the attacks, check the strength of existing security controls, etc.

Secure Software Architecture is a comprehensive course, focusing on practical implementation of security principles like essential principles such as zero trust, separation of duties, defense-in-depth, least privileges, etc. in modern on-premise and cloud infrastructures. Students will gain expertise in designing software systems that are not only functional but also resilient against cyber threats. Learn from industry experts, engage practical assignment, and master the art of adaptive security design. By course end, students will be equipped to create software architectures that stand strong in the face of modern challenges.

There is an increasing concern from users regarding the use and leakage of their personal data. Moreover, compliance with privacy regulations is required by the government and privacy should be incorporated by design and by default when developing software-intensive products and services. Hence, privacy has become a top challenge in software development and good privacy measures can improve data security and promote quality.