4

I need some information about universities that offer Master degree in Information Security with an emphasis on web application security Specifically things like web application penetration, code review course, defending web applications, etc.

AviD
  • 72,138
  • 22
  • 136
  • 218
Bahi
  • 187
  • 1
  • 1
  • 4

5 Answers5

3

I think your best bet is to build your own master's - I don't know of any programs with that specific focus. My strategy would be to hunt down universities that are strong in both Info Security and Software Engineering, and then work out a program with your adviser that combines the two.

I could be closed minded, but IMO, you're not going to get enough material specifically on web app security to form an entire degree. You're going to have to branch out either into web app development or general Info Security. Also, in terms of careers, you probably need more than just web app security and either being a solid web app developer, or an overall InfoSec guy with a strength in web apps will give you a broader base for the job hunt.

bethlakshmi
  • 11,606
  • 1
  • 27
  • 58
2

You asked about Master's, and the quality of a PhD program doesn't always reflect on the quality of Master's programs, but with that caveat, I've dealt with top-notch security researchers from Berkeley, Stanford, and Brown. I've heard that Princeton has a good program too, but I have no personal experience with anyone from there recently.

Mike Samuel
  • 3,873
  • 17
  • 25
1

Look for programs listed under titles like "Information Security" and "Computer Forensics". That is, essentially I think, what you want. There aren't so many masters programs offered in these fields that it'd be impossible to filter them manually to try and find which school(s) have a lot of stuff on Web Application security.

In any case, the more 'general' security knowledge is going to help a lot in a web application sense. Everything is very much related, and concepts in one area can be applied to those in another.

I know off-hand that RPI, RIT, and Carnegie Mellon (all in the United States) all have masters programs in a 'security' field. I believe the Imperial College of London (England) has programs that are applicable as well.

  • Computer Forensics probably has very overlap with what Bahi is looking for, I'm afraid. – D.W. Sep 14 '11 at 08:03
1

In the UK there are many universities with degrees and master's degrees in information security. Royal Holloway and Westminster are very well respected in this regard, but to be honest I think you will just need to search yourself, as @Beth said.

Rory Alsop
  • 61,367
  • 12
  • 115
  • 320
0

Depends on what you are looking for i.e. 4 years undergrad with hons or postgrad 1 year with masters?

Abertay offers an ethical hacking course, it is still young (5 years) but its ok, I did my postgrad there. It is a mix of modules the best being the ethical hacking module, involves hacking windows/networks/web sites etc. you spend about a week studying something eg 1 hour lecture on port scanning and everything involved in it, additional reading then 2 hour practical lab about how to do it etc. Then next week you move onto something else, unless its a bigger topic (which port scanning was, 2 weeks).

You study a range of topics and you should pick one topic you enjoy the most and study it eg if you want to do web security get the web application hacker's handbook and focus on that while studying other modules.

As for the masters project its self you need to have a good idea, you cant just test a web app and write a report about how easy it is to hack.

phone on the floor
  • 89
  • 1