You will acquire the skills and knowledge to match the following job descriptions, e.g.:
Bug Bounty Hunter
Security Tester (Generalist)
Offensive Security Specialist
The Attack Specialist and Penetration Tester major includes the following minor modules
Critical infrastructures security
Critical infrastructures are essential for the well-being of a nation and subject to daily attacks. Starting with current attacks and the identification of differences to classical office IT, relevant cyber security standards for automation and energy technology are considered. New aspects of critical infrastructures such as energy trading will be dealt with in more detail in preparation for the lab.
Critical infrastructures Lab
Application of cyber security in the lab of the HSLU, which resembles a Swiss power substation. Based on a simulated cyber attack, the lab’s security level is determined, different security concepts are implemented and the effects are observed - all as practice modules.
Security Operation Center Issues
SOC module prepares for supporting SOC teams and generates an understanding of technologies, processes and roles within a SOC. The gathering of data streams and logs will be evaluated automatically with technologies like machine learning and artificial intelligence.
Malware Analyse Labor
Advanced Penetration Testing
Our fast moving, and interconnected world leads to an increasing number of security critical programming errors. To detect these errors proactively, penetration tests are performed. In exercises and case studies the theory of complex attack methods is anchored and made applicable in practice.
Reverse Engineering 1
A sound understanding of interconnections from high level languages all the way down to machine code on processors is a prerequisite for developing fast and secure code. This module covers in detail the vertical axis from high level languages down to processor interfaces in theory as well as labs.
Reverse Engineering 2
Reverse engineering in software is the process carried out to regain high level language from executable code and is used to identify vulnerabilities but also to analyse malware. Fundamentals and an introduction to reverse engineering tools including Ghidra are core topics. Lab work will complement the theory blocks.
IT security alone is no longer sufficient and must be complemented with cyber defence & deterrence measures. For this purpose, Cyber Defence Centers are being built all over the world. Ethical Hacking, according to the cyber kill chain and detection of “zero day exploits,” are the goal of this module, as well as the content of the cyber defence module.
Students will learn about the basic techniques, tools and architectures of machine learning with a focus on e-commerce, regression analysis, classification via support vectors and decision trees, clustering and recommender systems.
Big Data Management
This module provides a reference model for Business and IT Alignment in Big Data Management (BDM). The aim of the course is to learn how to operationalize BDM in organisations; whether as a vision, strategy, concrete project or an entire programme. The Canvas Reference Model will illustrate how BDM can be designed to include controlled parameters in anything from data collection to business usage and will include understanding their integration, analysis and interaction.
System & Security
SysSec provides insights for system programming and system security. Students learn, how programs interact with the operating system, how to apply system calls, how operating systems create security and containments, and how and with which effort security concepts may be hacked.