[Owasp-education] FW: Input requested regarding new college course in Web and Mobile Application Security

Powell, Roger rpowell at sbccd.cc.ca.us
Sat Jun 29 14:48:59 UTC 2013

Roger Powell
Department Head
Computer Information Technology & Computer Science

Hello OWASP-Education,
Our very preliminary beginnings are at https://drive.google.com/folderview?id=0B7YRnP0BROiMblZwMGVrUUFsdUE&usp=sharing

I am a faculty member at San Bernardino Valley College (SBVC), a Community College in San Bernardino California.  I am part of a team that is beginning the development of a Computer Information Security program.  We will be using the National Institute for Cybersecurity Education (NICE) and the National Institute of Standards and Technology (NIST) recommendations as the basis of our program and anticipate developing both an AS degree and one or more certificates.  We have selected Mobile and Web Application Security as our first course.  This is a solicitation for comments from the OWASP education community.  Here are our beginning ideas for this course:

1) The purpose of the course is to help students discover the principles of Information Security (InfoSec) through hands-on activities in the context of Mobile and Web Application Security
2) The course should be useful for both working professionals (Software Developers, Network and Systems Admins) and community college students studying Computer Science (CS) and/or Information Technology (IT).
3) The course will use a "learn by doing" approach.  
4) The course will be modular, and as much as is feasible, the modules will be stand-alone - this will permit students to select only modules that are relevant to them and allow institutions teaching the course to customize it by selecting modules that meet their needs or add modules as they see fit.
5) The course should be deliverable using distance education, without requiring student attendance at a particular physical location

The team right now has two SBVC faculty members, one Mobile App Developer, and one Web Developer. 

We will be adding two or three SBVC students next week.

We would love to add one Network or Systems Administrator and an InfoSec professional.  If you would like to join, let me know.  We are planning to use Google Docs as our collaboration tool, so your physical location and time zone should not be a concern.

We are inviting any comments, but as we will be defining the course level Student Learning Outcomes (SLOs) - what the student should know and be able to do at the end of this course, next week, we are specifically soliciting input on this.  We will use course-level SLOs to define the modules required and then define module-level SLOs. Here are some things to consider when providing input:

1) This will be a lower-division college-level course
2) The prerequisite student knowledge and/or experience required
3) The hardware/software resources required

Please comment on an appropriate way to share our results with the OWASP education community.

Roger Powell

More information about the Owasp-education mailing list