Computer code on split laptop screen

Graduate Certificate in Software Security

Application Fall 2024 Portal Information

  • November 1, 2023:  Application start
  • March 26, 2024:  Deadline for International applicants
  • July 12, 2024:  Deadline for Canadian/Permanent Residents

Lunch and Learn

Join our Lunch and Learn to hear more about our professional programs in the rapidly evolving fields of Quantum Computing, Data Science and Analytics and Information Security. 

Our one hour session will cover all three of our professional programs and a complimentary lunch will be provided. Faculty members will also be on hand to meet prospective students and answer questions.

Next Lunch and Learn:

Date: Thursday, June 20, 2024
Location: University of Calgary, Downtown Campus
Address: 906 8 Ave SW, Calgary, 
Time: 12 - 1 p.m.

Optimize your career with a Certificate in Software Security

 

The Graduate Certificate in Software Security is designed to provide specific, relevant training in ensuring the security of software systems, applications, mobile devices, and smart devices that are part of the Internet of Things (IoT). This program is for professionals looking to upgrade their skills, or recent graduates of an undergraduate program in computer science or a related field who want additional training to progress in their careers.

By the end of the program, you will:

  • Gain foundational knowledge in the principles of secure systems: systems security and software applications security.
  • Develop a secure software system or product that will be connected to the internet: anticipate potential threats and design options to secure a product.
  • Apply existing tools and practices into the software development process in order to enhance the security of their software.
  • Apply threat modeling, security design, and security assessment skills in the process of developing an innovative product such as a mobile application or other smart device.
  • Recognize the limitations of technical security measures, and strategize and evaluate ways to address gaps, including non-technical solutions such as deployment of policies and programs.
  • Communicate system design and security assessment results to a technical audience who may not be security experts.
  • Decide on courses of action based on relevant legal and ethical considerations.

Certificate Courses

Students enrolled in the Software Security Certificate will complete all “required” courses, ISEC 605, 623, 625 and ONE OF 4 “optional” courses, either ISEC 641, 643, 645 or 651 depending on their preference, for 4 courses or 12 credits total.

Operating systems security. Software vulnerabilities and their exploits. Malware. Computer system virtualization. Application-level security. Access control models. Identity and access management.

Practices and tools for preventing vulnerabilities in the software development life cycle, including threat modelling, secure coding idioms and secure design patterns, static analyzers for detecting vulnerabilities, fuzzing and other quality assurance practices.

Security architecture of common smartphone platforms and Internet-of-Things environments. Selected topics on threat modelling, penetration testing, and security-aware design for smartphones, home automation, wearables, vehicles and industrial control systems.

Information security strategy and its alignment with business goals. Business cases for information security investment. Legal and regulatory requirements. Roles and responsibilities in information security management. Security risk assessment and management.

Development of security policies. Policy compliance and enforcement. Policy considerations for social engineering and insider attacks. Information security standards. Security awareness and training programs. Privacy policies and compliance. Privacy Impact Assessment.

Design and implementation of process for identifying, analyzing and responding to information security incidents. Computer forensics. Organization and management of the incident response and forensics team. Tools and best practices.

Advanced topics in information security and privacy