Web Application Security
Software Engineering
Faculty of Engineering
First Cycle (Bachelor's Degree)
| Course Unit Title | Course Unit Code | Type of Course Unit | Level of Course Unit | Year of Study | Semester | ECTS Credits |
|---|---|---|---|---|---|---|
| Web Application Security | YZM438 | Elective | Bachelor's degree | 4 | Spring | 5 |
Name of Lecturer(s)
Assistant Prof. Dr. Kaplan KAPLAN
Learning Outcomes of the Course Unit
1) Recognize common risks and vulnerabilities of web applications.
2) Recognize weakness avoidance strategies and techniques.
3) Uses up-to-date web application technologies securely.
4) Can integrate security features into web applications.
5) It can perform security audits of web applications, analyze and interpret the results.
6) Uses necessary techniques and tools for web application security.
Program Competencies-Learning Outcomes Relation
| Program Competencies | |||||||||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | ||
| Learning Outcomes | |||||||||||||
| 1 | Middle | No relation | No relation | Low | No relation | No relation | High | Low | No relation | No relation | Low | No relation | |
| 2 | Middle | No relation | No relation | Low | No relation | No relation | Middle | Low | No relation | No relation | Low | No relation | |
| 3 | Middle | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | No relation | Low | No relation | |
| 4 | Middle | No relation | No relation | Middle | No relation | No relation | Middle | Low | No relation | No relation | Middle | No relation | |
| 5 | Middle | No relation | No relation | Low | No relation | No relation | High | Low | No relation | No relation | Middle | No relation | |
| 6 | Middle | Middle | No relation | Low | No relation | No relation | High | Low | No relation | No relation | Middle | No relation | |
Mode of Delivery
Face to Face
Prerequisites and Co-Requisites
None
Recommended Optional Programme Components
Not Required
Course Contents
Introduction to web application security: defense mechanisms, web application technologies. application mapping and skipping client-side controls. Authentication attacks. Session management and access control. Database attacks injection. Backend component attacks. Attacks on application logic. User attacks. Automating customized attacks and data spoofing attacks. Attacks on application architecture and application server. Web application security testing tools: setting up a virtual lab and toolkit
Recommended or Required Reading
Planned Learning Activities and Teaching Methods
Assessment Methods and Criteria
Language of Instruction
Turkish
Work Placement(s)
Not Required