Applied Cryptography

This course is targeting software professionals who aim to improve the security of the applications and services they develop through the use of cryptographic algorithms. The main focusof the course will be on how to address the main goals of information security, confidentiality, integrity, availability, authenticity and accountability (CIA++) from a practical perspective. The course will introduce specific frameworks that can be used to implement these features using different programming languages, such as C/C++, Python and Java. In addition, the course will highlight typical pitfalls related to the implementation of these security functions.

Consumer privacy - fundamentals

This course will give you an introduction and broadened you knowledge on consumer privacy on digital markets. It will give you the fundamentals of consumer and online privacy. The course outlines principles of user-centric privacy applicable to the design of online systems and choice architecture, focusing on user interface design and its psychological foundations. It addresses both theoretical and practical implications of online privacy. A central part of the course is for the course participants to apply theories, concepts, and models to problems related to online privacy and share experiences with each other. Discussions can be drawn upon personal experiences, case studies, and empirical research findings. The course also focuses on recognising and identifying ways to enhance online privacy (e.g., design principles, existing guidelines, and freely available repositories). The user-centric approach of the course indicates the importance of online privacy not only for individuals but also for groups, organisations, and society, taking into account the different definitions of consumer vulnerability. LEARNING OUTCOMESAfter completing the course, you should be able to: Describe online privacy, privacy rights, the role of usability, and their significance for decisions of an individual, as well as for a company/organisation.Explain select privacy-related attitudes & behaviours on the basis of some of the well-established theoretical privacy decision-making models.Distinguish and critically reflect on malicious practices that online services might employ to manipulate users and exploit their vulnerabilities.Account for and apply best practices enabling usable privacy and informed online privacy decisions. FOR WHOM?The course is aimed at working professionals who want to learn more about the topic and who processes digital information about consumers. It could, for example, be valuable for designers of UIs with whom consumers interact, and for individuals working in the public sector.  

Development Security Applications (DevSecOps)

This course is focused on how security as a field impacts and can be applied during the engineering of software products following continuous processes -especially agile and DevOps. The course aims to cover how to drive a secure agile and DevOps lifecycle with focus on the following components:• People: Enablement of agile teams for security through awareness, training and coaching• Processes: Introduction of security activities into agile and scaled agile development process such as Scrum or SAFe. Activities are based on relevant industry security standards• Technology: Description of security tools and technologies that can automate security activities in the agile & DevOps way of working, e.g.CI/CD Pipelines.

Fundamentals of Industrial Cybersecurity

In this course, you will be made aware of the state-of-the-art in cybersecurity research and state of practice in industry. Cybersecurity vulnerabilities are a threat to progress in the business sector and society. This is an accelerating threat due to the current rapid digitalisation, which in manufacturing is termed Industry 4.0. Companies are aware of this threat and realise the need to invest in countermeasures, but development is hampered by lack of competence.  

Methods and Tools for Industrial Cybersecurity

The course has the objective to provide proficiency in cybersecurity analysis and design in industrial settings, with a special focus on smart factories and Industry 4.0. To that aim, you will learn about advanced cybersecurity concepts, methodologies and tools. You will also be able to apply your knowledge to case-studies of industrial relevance.

Security for Critical Infrastructure (Operational Technology)

The course provides knowledge and skills needed for defending critical infrastructure against cyber attacks. The example if such attack is Blackenergy cyberattack on the Ukrainian electrical grid in 2015 by Sandworm group (Russian GRU). This course covers security in SCADA and cyberphysical systems (CPS) as well as the regulations and standards that are applicable that helps to ensure an audit trail.

Security Inventory for Software Development

According to the OWASP about 75% of vulnerabilities are actually application related. However, the consideration of security aspects during the various phases of software development is still in its infancy in many organizations and the potential of security by design to build high-quality software components is not exploited. Therefore, this course provides software project managers, product owners or software architects with knowledge and skills on how to successfully integrate and continuously improve security practices in traditional and agile development processes. It teaches how to assess and apply security practices in a risk-based way during the analysis, design, implementation, verification, and operation of software products, systems and services in all types of organizations.

Web Security

Modern web applications can often be described in terms of cooperation and sharing, both on the level of the users of the application and on the level of the application and the service providers. This course covers the most prevalent security challenges of web applications, from a theoretical and practical perspective.  

Web System Security

Web application security encompasses that the student should learn to understand and discover weaknesses and vulnerabilities in web applications both on the server side and on the client side as well as be able to develop solutions for protection and conduct tests.The course is given in 50% study pace on distance.