Web Security (module BTI-4203)

Goals of this course

This part of the course aims at providing a good overview of a major software security issues: Web Security.
The students will see the most dangerous web securities issues (for instance XSS, XRSF, SQL injection, ...). They know how such flows can be exploited and know how one can protect a site. They have experienced this attacks on example web sites.

Moodle page

Moodle page for this course

Schedule

The specialisation courses are given on Fridays in Biel, 8:20 - 11:55.
Course is taught by Kai Brünnler, Emmanuel Benoist. The following schedule represents the courses of the Fall Term 2025-2026.

Day	Contents
19.09.2025	K. Bünnler
26.09.2025	K. Bünnler
03.10.2025	K. Bünnler
10.10.2025	K. Bünnler
17.10.2025	K. Bünnler
24.10.2025	K. Bünnler
31.10.2025	Injections
07.11.2025	K. Bünnler
14.11.2025	No course: Bloc week
21.11.2025	Broken Access Control
28.11.2025	Identification or Authentication Failures
05.12.2025	Cryptographic failures
12.12.2025	Cross Site Scripting
19.12.2025	Emmanuel Benoist - Other OWASP Top 10 problems
26.12.2025	No course: Weihnachtsferien / Vacances de Noel
02.01.2026	No course: Weihnachtsferien / Vacances de Noel
09.01.2026	Audit-Methodology and Risk Analysis
16.01.2026	No course: Finaltag

Evaluation

This course is part of the module BTI-4203 "Pa" module. Students will pass a written exam (120 minutes for only XML-security and Web-Security (parts taught by E. Benoist and K. Brünler)). This module gives 4 ECTS credits and is part of the Qualification Group C.
This course is also an optional module of the Master of Digital Forensics of the Unil. It counts for 3 ECTS. This module is examinated with an oral exam of 20 minutes.

Contact

Prof. Dr. Emmanuel Benoist
Berner Fachhochschule - TI
Quellgasse 21
CH-2501 Biel/Bienne
Switzerland
Mail: emmanuel.benoist (at) bfh.ch

Social Networks

Follow me on
Linkedin, Scholar & Research gate

http://www.ti.bfh.ch/