Schedule

The following course schedule is non-binding and may change at any time and without prior announcement.

 

| No. | Date | Lecture Topic | VOTD | Lecturer |
| --- | --- | --- | --- | --- |
| 1 | 06.04.22 | Intro | CSRF | Bodden |
| 2 | 13.04.22 | Requirements, Misuse & Abuse Cases | SQL Injection | Bodden |
| 3 | 20.04.22 | System Design / Threat Modeling | XSS | Venkatesh |
| 4 | 27.04.22 | Risk Management & Test Planning | Log overflow, Path traversal | Schott |
| 5 | 04.05.22 | Defensive Coding / Pitfalls | Confused deputy | Bodden |
| 6 | 11.05.22 | Correct usage of security mechanisms / Applied Crypto | Hardcoded credentials, Hashing without salt | Bodden |
| 7 | 18.05.22 | Applied Crypto (continued) | Embedded DTDs, Poor PRNGs | Schott |
| 8 | 25.05.22 | Code Inspection | OS command injection, Uncontrolled format string | Bodden |
| 9 | 01.06.22 | Vulnerability Assessment | Cache poisoning | Bodden |
| ---- | ----- | End of 4CP-Course | ----- | ----- |
| 10 | 08.06.22 | Deployment | Race condition / time of check, time of use | Bodden |
| 11 | 15.06.22 | Insider Threats | TBA | Bodden |
| 12 | 22.06.22 | Usability | TBA | Bodden |
| 13 | 29.06.22 | TBA | | |
| 14 | 06.07.22 | Professional trainings in Secure Software Engineering | - | Dziwok |
| 15 | 13.07.22 | Recap | | Bodden |