Writing secure code is key to a successful DevOps environment. Secure code is a cybersecurity course targeted at developers. It is delivered online and teaches secure coding methodologies and practice through hands-on labs and directional screencasts over eight weeks, requiring ~10 hours of effort per week.
Students learn about the fundamentals of threat modelling, software design and development methodologies, continuous integration and testing pipelines, vulnerability classes and identification, static and dynamic analysis, and tooling. By the end of the course, students are equipped to participate in and develop secure software according to best practice.
What you will receive
What you will receive
Course Information
Writing secure code is key to a successful DevOps environment. Secure code is a cybersecurity course targeted at developers. It is delivered online and teaches secure coding methodologies and practice through hands-on labs and directional screencasts over eight weeks, requiring ~10 hours of effort per week.
Students learn about the fundamentals of threat modelling, software design and development methodologies, continuous integration and testing pipelines, vulnerability classes and identification, static and dynamic analysis, and tooling. By the end of the course, students are equipped to participate in and develop secure software according to best practice.
This course maps to the following NICE Framework KSAs (Knowledge, Skills & Abilities):
|
K0001: Knowledge of computer networking concepts and protocols, and network security methodologies. K0005: Knowledge of cyber threats and vulnerabilities. K0011: Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware. K0019: Knowledge of cryptography and cryptographic key management concepts. K0044: Knowledge of cybersecurity and privacy principles and organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). K0049: Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarised zones, encryption). K0110: Knowledge of adversarial tactics, techniques, and procedures. K0113: Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN). K0160: Knowledge of the common attack vectors on the network layer. K0161: Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks). K0162: Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored). |
K0177: Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks). K0318: Knowledge of operating system command-line tools. K0332: Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services. S0073: Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.). S0147: Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.). S0242: Skill in interpreting vulnerability scanner results to identify vulnerabilities. S0367: Skill to apply cybersecurity and privacy principles to organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation). A0119: Ability to understand the basic concepts and issues related to cyber and its organisational impact. |
What is the NICE Framework?
The National Initiative for Cybersecurity Education (NICE) Cyber Security Workforce Framework developed by the National Institute of Standards and Technology (NIST) establishes a taxonomy and common lexicon that describes cyber security work and job roles.
To find out more about the NICE Framework, go to: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework
Courses will be held subject to sufficient registrations. UNSW Canberra reserves the right to cancel a course up to five working days prior to commencement of the course. If a course is cancelled, you will have the opportunity to transfer your registration or be issued a full refund. If registrant cancels within 10 days of course commencement, a 50% registration fee will apply. UNSW Canberra is a registered ACT provider under ESOS Act 2000-CRICOS provider Code 00098G.
UNSW Institute for Cyber Security is a unique, cutting-edge, interdisciplinary research and teaching centre, working to develop the next generation of cyber security experts and leaders.
The centre is based in Canberra at the Australian Defence Force Academy and provides professional, undergraduate and post graduate education in cyber security. Our air-gapped, state of the art cyber range offers a secure environment where we deliver a number of technical and highly specialised learning opportunities.
Our courses are designed to give the next generation of cyber security professionals the skill sets needed to thrive in the industry. We can also create bespoke professional education programs tailored to your organisation's needs.
Contact us at cyber@adfa.edu.au to discuss how.