Postgraduate diploma Security in Software Engineering

This high-quality program will allow the student to learn about the information security process, its implications in confidentiality, integrity, availability and economic costs, as well as to understand the problems related to software security, its vulnerabilities and their classification. With this highly scientifically rigorous program, the professional will acquire the knowledge required for internal IT control and for assessing and detecting vulnerabilities in online applications.

University certificate

duration

24 weeks

Modality

Online

Schedule

At your own pace

Exams

Online

start date

Credits

24 ECTS

financing up to

6 months

Price

The world's largest faculty of information technology”

Why study at TECH?

Specialize in computer systems with the help of professionals with extensive experience in the sector”

This comprehensive program in Security in Software Engineering will allow professionals in the IT industry to deepen their understanding and learn about the processes of management and monitoring of quality and secure software that meets the predefined requirements.

This Postgraduate diploma specializes students in Security in Software Engineering , with the aim of providing them with the knowledge and tools required for the design and control of complex systems, which reliably provide the answer to established problems.

The main objective of this training is that the student gains the ability to incorporate substantial qualitative improvements, providing new solutions to specific problems that arise. It also aims to educate professionals to be capable of using a systematic and quantifiable approach to software development and maintenance, so that they also obtain in-depth knowledge of computer programming and the implementation and planning of computer systems, from a practical perspective and adapted to the current reality.

With this program the student will have access to the most advanced teaching resources and will have the opportunity to study a program that brings together the most in-depth knowledge in the field. A group of highly scientifically qualified professors with extensive international experience will provide students with the most complete and up-to-date information on the latest advances and techniques in Software and Computer Systems Engineering.

The syllabus covers the main current topics in Security in Software Engineering in such a way that whoever masters them will be prepared to work in this field. Therefore, it is not just another diploma in your backpack, but a real learning tool to approach the topics of the specialty in a modern, objective way and with the ability to make a judgment based on today's most cutting-edge information.

It should be noted that since it is a 100% online Postgraduate diploma, the student is not conditioned by fixed schedules or the need to move to another physical location, but can access the contents at any time of the day, balancing their work or personal life with their academic life.

If they want to differentiate themselves from others and be capable of designing complex systems engineering projects, this is the program for them.

The completion of this Postgraduate diploma will place professionals in Security in Software Engineering at the forefront of the latest developments in the sector"

This Postgraduate diploma in Security in Software Engineering contains the most complete and up-to-date educational program on the market. The most important features include:

Practical cases presented by experts in Security in Software Engineering
The graphic, schematic, and practical contents with which they are created, provide scientific and practical information on the disciplines that are essential for professional development
Practical exercises where self-assessment can be used to improve learning
Its special emphasis on innovative methodologies in the field of Software Engineering
Theoretical lessons, questions to the expert, debate forums on controversial topics, and individual reflection assignments
Content that is accessible from any fixed or portable device with an Internet connection

This Postgraduate diploma is the best investment you can make when selecting a refresher program in the field of Security in Software Engineering . We offer you quality and free access to content"

Its teaching staff includes professionals belonging to the field of Security in Software Engineering , who contribute their work experience to this training, as well as renowned specialists from reference societies and prestigious universities.

The multimedia content, developed with the latest educational technology, will provide the professional with situated and contextual learning, i.e., a simulated environment that will provide immersive learning programmed to learn in real situations.

This program is designed around Problem-Based Learning, whereby the professional must try to solve the different professional practice situations that arise throughout the program. For this purpose, the professional will be assisted by an innovative interactive video system developed by renowned and experienced experts in Security in Software Engineering .

This program comes with the best educational material, providing you with a contextual approach that will facilitate your learning"

This 100% online Postgraduate diploma will allow you to combine your studies with your professional work. You choose where and when to train"

Syllabus

The structure of the contents has been designed by the best professionals in the Security in Software Engineering sector, with extensive experience and recognized prestige in the profession, and aware of the benefits that the latest educational technology can bring to higher education.   

We have the most complete and up-to-date scientific program on the market. We strive for excellence and for you to achieve it too” 

Module 1. Safety Management

1.1. Information Security

1.1.1. Introduction
1.1.2. Information Security Involves Confidentiality, Integrity and Availability
1.1.3. Safety is an Economic Issue
1.1.4. Safety is a Process
1.1.5. Classification of Information
1.1.6. Information Security Involves Risk Management
1.1.7. Security is Articulated with Security Controls
1.1.8. Security is both Physical and Logical
1.1.9. Safety Involves People

1.2. The Information Security Professional

1.2.1. Introduction
1.2.2. Information Security as a Profession
1.2.3. Certifications (ISC)2
1.2.4. The ISO 27001 Standard
1.2.5. Best Security Practices in IT Service Management
1.2.6. Information Security Maturity Models
1.2.7. Other Certifications, Standards and Professional Resources

1.3. Access Control

1.3.1. Introduction
1.3.2. Access Control Requirements
1.3.3. Authentication Mechanisms
1.3.4. Authorization Methods
1.3.5. Access Accounting and Auditing
1.3.6. Triple A" Technologies

1.4. Information Security Programs, Processes and Policies

1.4.1. Introduction
1.4.2. Security Management Programs
1.4.3. Risk Management
1.4.4. Design of Security Policies

1.5. Business Continuity Plans

1.5.1. Introduction to BCPs
1.5.2. Phase I and II
1.5.3. Phase III and IV
1.5.4. Maintenance of the BCP

1.6. Procedures for the Correct Protection of the Company

1.6.1. DMZ Networks
1.6.2. Intrusion Detection Systems
1.6.3. Access Control Lists
1.6.4. Learning from the Attacker: Honeypot

1.7. Security Architecture Prevention

1.7.1. Overview. Activities and Layer Model
1.7.2. Perimeter Defence (Firewalls, WAFs, WAFs, IPS etc.)
1.7.3. Endpoint Defence (Equipment, Servers and Services)

1.8. Security Architecture Detection

1.8.1. Overview Detection and Monitoring
1.8.2. Logs, Encrypted Traffic Breaking, Recording and Siems
1.8.3. Alerts and Intelligence

1.9. Security Architecture Reaction

1.9.1. Reaction Products, Services and Resources
1.9.2. Incident Management
1.9.3. CERTS y CSIRTs

1.10. Security Architecture Recuperation

1.10.1. Resilience, Concepts, Business Requirements and Regulations
1.10.2. IT Resilience Solutions
1.10.3. Crisis Management and Governance

Module 2. Software Security

2.1. Problems of the Software Security

2.1.1. Introduction to the Problem of Software Security
2.1.2. Vulnerabilities and their Classification
2.1.3. Secure Software Properties
2.1.4. References

2.2. Software Security Design Principles

2.2.1. Introduction
2.2.2. Software Security Design Principles
2.2.3. Types of S-SDLC
2.2.4. Software Security in S-SDLC Phases
2.2.5. Methodologies and Standards
2.2.6. References

2.3. Software Lifecycle Safety in the Requirements and Design Phases

2.3.1. Introduction
2.3.2. Attack Modeling
2.3.3. Cases of Abuse
2.3.4. Safety Requirements Engineering
2.3.5. Risk Analysis Architectural
2.3.6. Design Patterns
2.3.7. References

2.4. Software Lifecycle Safety in the Coding, Testing and Operation Phases

2.4.1. Introduction
2.4.2. Risk-Based Safety Testing
2.4.3. Code Review
2.4.4. Penetration Test
2.4.5. Security Operations
2.4.6. External Review
2.4.7. References

2.5. Secure Coding Applications I

2.5.1. Introduction
2.5.2. Secure Coding Practices
2.5.3. Manipulation and Validation of Inputs
2.5.4. Memory Overflow
2.5.5. References

2.6. Secure Coding Applications II

2.6.1. Introduction
2.6.2. Integers Overflows, Truncation Errors and Problems with Type Conversions between Integers
2.6.3. Errors and Exceptions
2.6.4. Privacy and Confidentiality
2.6.5. Privileged Programs
2.6.6. References

2.7. Development and Cloud Security

2.7.1. Safety in Development; Methodology and Practice
2.7.2. PaaS, IaaS, CaaS and SaaS Models
2.7.3. Security in the Cloud and for Cloud Services

2.8. Encryption

2.8.1. Fundamentals of Cryptology
2.8.2. Symmetric and Asymmetric Encryption
2.8.3. Encryption at Rest and in Transit

2.9. Security Automation and Orchestration (SOAR)

2.9.1. Complexity of Manual Processing; Need to Automate Tasks
2.9.2. Products and Services
2.9.3. SOAR Architecture

2.10. Telework Safety

2.10.1. Need and Scenarios
2.10.2. Products and Services
2.10.3. Telework Safety

Module 3. Security Audit

3.1. Introduction to Information Systems in the Company

3.1.1. Introduction to Information Systems in the Company and the Role of IT Auditing
3.1.2. Definitions of "IT Audit" and "IT Internal Control"
3.1.3. Functions and Objectives of IT Auditing
3.1.4. Differences between Internal Control and IT Auditing

3.2. Internal Controls of Information Systems

3.2.1. Functional Flowchart of a Data Processing Center
3.2.2. Classification of Information Systems Controls
3.2.3. The Golden Rule

3.3. The Process and Phases of the Information Systems Audit

3.3.1. Risk Assessment and Other IT Auditing Methodologies
3.3.2. Execution of an Information Systems Audit. Phases of the Audit
3.3.3. Fundamental Skills of the Auditor of an IT System

3.4. Technical Audit of Security in Systems and Networks

3.4.1. Technical Security Audits. Intrusion Test. Previous Concepts
3.4.2. Security Audits in Systems. Support Tools
3.4.3. Security Audits in Networks. Support Tools

3.5. Technical Audit of Security on the Internet and in Mobile Devices

3.5.1. Internet Security Audit. Support Tools
3.5.2. Mobile Devices Security Audit. Support Tools
3.5.3. Annex 1. Structure of an Executive Report and Technical Report
3.5.4. Annex 2. Tools Inventory
3.5.5. Annex 3. Methods

3.6. Information Security Management System

3.6.1. Security of IS: Properties and Influential Factors
3.6.2. Business Risks and Risk Management: Implementing Controls
3.6.3. Information Security Management System (ISMS): Concept and Critical Success Factors
3.6.4. ISMS-PDCA Model
3.6.5. ISMS ISO-IEC 27001: Organizational Context
3.6.6. Annex 4. Context of the Organization
3.6.7. Annex 5. Leadership.
3.6.8. Annex 6. Planning
3.6.9. Annex 7. Support
3.6.10. Annex 8. Operation
3.6.11. Annex 9. Performance Evaluation
3.6.12. Annex 10. Improvement
3.6.13. Annex to ISO 27001/ISO-IEC 27002: Objectives and Controls
3.6.14. ISMS Audit

3.7. Carrying Out the Audit

3.7.1. Procedures
3.7.2. Techniques

3.8. Traceability

3.8.1. Methods
3.8.2. Analysis

3.9. Copyright

3.9.1. Techniques
3.9.2. Results

3.10. Reports and Presenting Proof

3.10.1. Types of Reports
3.10.2. Data Analysis
3.10.3. Presenting Proof

Module 4. Online Application Security

4.1. Vulnerabilities and Security Issues in Online Applications

4.1.1. Introduction to Online Application Security
4.1.2. Security Vulnerabilities in the Design of Web Applications
4.1.3. Security Vulnerabilities in the Implementation of Web Applications
4.1.4. Security Vulnerabilities in the Deployment of Web Applications
4.1.5. Official Lists of Security Vulnerabilities

4.2. Policies and Standards for Online Application Security

4.2.1. Pillars for the Security of Online Applications
4.2.2. Security Policy
4.2.3. Information Security Management System
4.2.4. Secure Software Development Life Cycle
4.2.5. Standards for Application Security

4.3. Security in the Design of Web Applications

4.3.1. Introduction to Web Application Security
4.3.2. Security in the Design of Web Applications

4.4. Testing the Security and Online Protection of Web Applications

4.4.1. Web Application Security Testing and Analysis
4.4.2. Web Application Deployment and Production Security

4.5. Web Services Security

4.5.1. Introduction to Web Services Security
4.5.2. Web Services Security Functions and Technologies

4.6. Testing the Security and Online Protection of Web Services

4.6.1. Evaluation of Web Services Security
4.6.2. Online Protection. Firewalls and XML Gateways

4.7. Ethical Hacking, Malware and Forensics

4.7.1. Ethical Hacking
4.7.2. Malware Analysis
4.7.3. Forensic Analysis

4.8. Incident Resolution on Web Services

4.8.1. Monitoring
4.8.2. Performance Measurement Tools
4.8.3. Containment Measures
4.8.4. Root Cause Analysis
4.8.5. Proactive Problem Management

4.9. Best Practices to ensure Application Security

4.9.1. Handbook of Best Practices in the Development of Online Applications
4.9.2. Handbook of Good Practices in the Implementation of Online Applications

4.10. Common Errors that Undermine Application Security

4.10.1. Common Errors in Development
4.10.2. Common Errors in Hosting
4.10.3. Common Production Errors

A comprehensive and multidisciplinary training program that will allow you to excel in your career, following the latest advances in the field of Security in Software Engineering "

Postgraduate Diploma in Security in Software Engineering

Security in software engineering has become a fundamental concern in today's digital environment. The increasing reliance on computer systems and the interconnection of devices and applications has led to an increase in security risks and data vulnerability. To ensure the integrity, confidentiality and availability of information, it is essential to have highly trained security professionals in software engineering.

Enroll now and start advancing in your professional path

At TECH Global University, we offer you the Postgraduate Diploma in Software Engineering Security program, designed to provide you with the knowledge and skills necessary to identify and mitigate security risks in software development. This program is delivered online, giving you the flexibility to study from anywhere and adapt your learning to your schedule. Our program focuses on the key aspects of software engineering security, including secure system design, vulnerability identification, implementation of protective measures and security incident management. You will learn specialized techniques and tools to assess application security, protect data integrity and prevent cyber attacks. Upon completion of this program, you will be prepared to meet current and future security challenges in software engineering. You will be able to serve as a software security specialist, security consultant, risk analyst or security team leader in organizations across a variety of industries. Enroll in the Postgraduate Diploma in Software Engineering Security at TECH Global University and acquire the skills you need to protect information in the digital world! Get ready to stand out in the job market and be part of the drive for security in software development.