Handbook - Extended Web Application Security and Testing

There is a more recent version of this academic item available.

Overview

Web applications are currently the predominant source of software vulnerabilities exploited in in online attacks. There is a growing need and growing demand for web programmers to be security aware. This course covers the main types of web application vulnerabilities and current best practice professional coding and testing practices to … For more content click the Read More button below. The course covers OWASP vulnerabilities cross site scripting browser security model and weaknesses Injection attacks DNS Man in the middle Data leakage Spoofing UI and Social vulnerabilities Assurance and Testing Standards. Course coverage will be constantly updated over time to reflect emerging vulnerabilities and practices. There are numerous formative assessments and activities throughout the course to provide feedback and learning opportunities. These do not directly contribute to your final grade but are expected to be used to provide evidence of your capabilities in your portfolio. A programming background is required. Students also need a keen devious and analytical mind. To get the most from this course students will need to engage in independent study and research and be able to act as independent self directed learners. This is the extended version of COMP6443. This course includes the material of COMP6443 plus penetration testing, and red teaming. Students will work in teams to conduct penetration tests and report on them to real and simulated clients.

Web applications are currently the predominant source of software vulnerabilities exploited in in online attacks. There is a growing need and growing demand for web programmers to be security aware.

This course covers the main types of web application vulnerabilities and current best practice professional coding and testing practices to be able to successfully develop secure web applications.

The course covers OWASP vulnerabilities cross site scripting browser security model and weaknesses Injection attacks DNS Man in the middle Data leakage Spoofing UI and Social vulnerabilities Assurance and Testing Standards. Course coverage will be constantly updated over time to reflect emerging vulnerabilities and practices.

There are numerous formative assessments and activities throughout the course to provide feedback and learning opportunities. These do not directly contribute to your final grade but are expected to be used to provide evidence of your capabilities in your portfolio.

A programming background is required. Students also need a keen devious and analytical mind. To get the most from this course students will need to engage in independent study and research and be able to act as independent self directed learners.

This is the extended version of COMP6443. This course includes the material of COMP6443 plus penetration testing, and red teaming. Students will work in teams to conduct penetration tests and report on them to real and simulated clients.

Conditions for Enrolment

Prerequisite: COMP6441 or COMP6841 or COMP9441

Exclusion Courses

Course

COMP6443

COMP6443 - Web Application Security and Testing

Delivery

In-person - Standard (usually weekly or fortnightly)

Please note that the above delivery information is an indication on how this course may be delivered within the year. Delivery mode(s) for each term can be viewed on other sources such as myUNSW and class timetable site.

This Handbook is a comprehensive catalogue of our offerings and includes courses that can be taken to satisfy program requirements irrespective as to their availability for a particular year. Availability of courses is best checked using filters on this site or on the class timetable site.

Course Outline

To access course outline please visit below link (Please note that access to UNSW Canberra course outlines requires VPN):

COMP6843 Course Outline

Fees

Type	Amount
Commonwealth Supported Students (if applicable)	$1003
Domestic Students	$4560
International Students	$6030

Disclaimer

Where a fee is displayed as “Not Applicable”, including some Work Experience and UNSW Canberra courses, please contact the relevant Faculty for any enquiry.

Note that the University reserves the right to vary student fees in line with relevant legislation. The fee information is provided as a guide and more specific information about fees, including policy, can be found here.

Commonwealth Supported Students:

Please refer to the information about new Student Contribution band classifications. Note that grandfathering arrangements are applicable for some cohorts of students, and other special arrangements apply for a limited number of programs. The Field of Education displayed on the right-hand side of this page may be applicable in understanding which fee rate will apply to you.

Where a Commonwealth Supported fee is displayed it does not guarantee that such places are available.

Pre-2019 Handbook Editions

Access past handbook editions (2018 and prior)

Pre-2019 Handbook Editions

Faculty
Faculty: The primary academic unit in which related disciplines of teaching and research are conducted.

Faculty of Engineering

School
School: The academic unit responsible for teaching in disciplines or subject areas (school is part of a faculty).

School of Computer Science and Engineering

Study Level
Study Level refers to the academic level of a program, specialisation or course.

Postgraduate

Offering Terms
Depending on the Academic Calendar type, an offering term generally refers to an academic teaching period of between 8-13 weeks in duration.

Term 2

Campus

Sydney

Academic Calendar

Field of Education

020100 Computer Science

Timetable

Visit timetable website for details