Security for Web Developers
2025/2026
- Purpose and learning objectives
The module is designed to give the students an idea of some of the challenges that web developers face when implementing web applications. It also gives some suggestions on how to handle these challenges, and what to be especially aware of.
Knowledge
The goal is that the student gains knowledge of:
● How hackers exploit web applications
● Basic web application security concepts
● Basic principles of cryptography
● Collecting information about new attack patterns
● Applying basic security assessment
Skills
The goal is that the student is able to:
● Apply risk management with focus on IT-security
● Apply the principle of layered security
● Spot potential security flaws in web applications
● Use best practice on some web security challenges
Competences
The goal is that the student is able to build a full stack web application designed with security in mind, and by applying secure principles.
- Type of instruction
The teaching method is a mix of lectures, exercises and project work. Each lecture will consist of parts with new theory and parts with exercises. Afterwards the students will apply the new theory directly to their exam project - developing a template application with security built-in.
The project work period is approx. 4 weeks during which the exam project is in focus.
- Subject/module requirement for participation
Academic requirement for participation
Good skills in programming and knowledge about web technologies in general. The examples in class will be shown using the book examples plus a system built using JavaScript.
You are allowed to use any reasonable programming language yourself for the exam project.
Equipment needed to participate
Windows PC, Mac or Linux
- min 8 GB RAM (16 GB RAM preferably)
- 200 GB available disk space
- CPU with virtualisation hardware (usually available in most modern CPUs)
- 15,6” screen or bigger is recommended
- Exam
The learning outcomes of the exam are identical with the learning outcomes of the subject(s)/module(s).

Prerequisites for access to the examination
Since the course is worth 10 ECTS, there are two participation requirements. They are described on ItsLearning in the semester/class room. The participation requirement must be submitted on ItsLearning.

Exam in one or more subjects
Subject/module is tested standalone
The elective requires a project and an exam.
The project can be developed individually or in a group of up to 5 students. Individual projects are also allowed.
The project is developed based on the topics covered in the course. Specific requirements for the project can be found in the semester/class's ItsLearning room.

Type of exam
Combined written and oral examination
Oral exam based on project report

Formal requirements
A project report must be submitted.
Max 15 pages + 5 pages per student.
I.e. a group of 2 students gives max 20 pages.

Individual exam or group exam
Individual or group, 1-5 participants

Exam languages
Danish (Norwegian/Swedish)

Duration
30 minutes per student

Rules regarding exam aids
All aids are allowed

Available exam aids
Projector

Type of evaluation
7-point grading scale

Examiners
Internal censure

Exam criteria
One aggregate grade is awarded based on an overall assessment of the project, the presentation and the following examination.
- Preliminary literature list
This is a preliminary literature list. A final literature list will be provided in connection with study start.
The book Web Application Security, 2nd Edition, Andrew Hoffman, 2024, ISBN: 9781098143930 and relevant links.
- Additional information
This elective subject may not run in certain semesters (e.g., if not enough students choose it).
Some classes may take place online.
In the subject Security for Web Developers you will receive 62 hours of instruction, which corresponds to 82 lessons (1 lesson = 45 min.) and 23% of your total workload for the subject.
The teaching primarily consists of the following activities: classroom teaching, online teaching.
The preparation primarily consists of the following activities: reading the curriculum, exercises, project work, reading your own notes.
Read about KEA's Study Activity Model
*KEA can deviate from the number of hours if this is justified by special circumstances.