From UCNet
UC Berkeley team creates an award-winning digital security program
A web application security testing course created by the UC Berkeley Information Security team, in partnership with the School of Information’s Master of Information and Cybersecurity Program, is receiving industry awards and acknowledgment.
Through the UC Berkeley program, graduate students from the School of Information’s Master of Information and Cybersecurity Program gain exposure to app security testing, focusing on both the technical and business processes. This allows allows the UC Berkeley Information Security team to provide testing for approximately nine critical apps per year, at a cost of a little over $7,000 — considerably cheaper than the average range of costs reported by NetworkAssured.
To create the program, organizers worked with UC Berkeley legal and policy teams, to create a student code of conduct, and IT service teams, to create a virtual machine environment in which students could conduct testing. They also partnered with Portswigger, a vendor that provided free software licenses for its web attack proxy tool, Burp Suite Professional. This partnership allowed the program to save nearly $7,000 in annual costs...
The course is a joint venture between the I School’s Master of Information & Cybersecurity (MICS) program and Berkeley IT’s Information Security Office (ISO) and offers a small batch of cybersecurity students the opportunity to perform hands-on penetration testing of live campus systems and applications.
