Security Vulnerability Identification and Mitigation strategy - Microsoft and Web platform
Preferred learners
- Anywhere
- Academic experience
Categories
Skills
Project scope
- What is the main goal for this project?
-
We are in the development stage of an online learning platform that will take on clients on an annual membership basis. We will be building a client list, a sales and marketing contact list, and will eventually take payment online. The project has not developed a security protocol and does not employ any special software to enhance or protect data. This project would require a review of the security risks and vulnerabilities and implement the necessary protections.
- First, we would like students to get familiar with our product offering. We will provide a demo to provide a general understanding how it works.
- Second, students should spend time conducting research on state of the art pen testing technologies.
- Third, students should have a written plan of how to best determine vulnerabilities with a strategy to test and present it
- What tasks will learners need to complete to achieve the project goal?
-
Before research begins, students should present a strategy plan to us. This should include tools they will use, techniques for exploration, and any other information they feel like they need to present. This should be presented to us via a small slide deck or other means.
After research is complete, the final deliverable should be a written report detailing the security vulnerabilities that were identified, how any test was conducted and their outcome, recommendations for strategies to mitigate, and any further notes. Other items to consider for a final report should be:
- An executive summary detailing overview, timeline, key findings
- Categorizing all findings into vulnerability levels such as critical, high, medium, low
- High detailed summaries of any findings
- Low detailed summaries of any tests conducted with no findings
- A recap of any tools used
- Recommended plan for mitigation strategies
- Possible implementation of these strategies should time permit.
Final Deliverables:
Provide details about what the student will upload to the platform as their final deliverable(s).
- Executive Summary
- Report on vulnerability findings and recommended mitigation strategies
- Report on implementation (should time permit for implementation)
For students: To validate the completion of your work, please submit deliverables as uploaded files with a reflection note at the end of your project. These files can take various formats, including Word documents, PDFs, JPEG images, presentations, and more. We request tangible proof or an example showcasing your completed work. If the project involved an Non-Disclosure Agreement (NDA), please provide redacted deliverables or a sample of non-confidential work.
- What is the main goal for this project?
-
We are in the development stage of an online learning platform that will take on clients on an annual membership basis. We will be building a client list, a sales and marketing contact list, and will eventually take payment online. The project has not developed a security protocol and does not employ any special software to enhance or protect data. This project would require a review of the security risks and vulnerabilities and implement the necessary protections.
- First, we would like students to get familiar with our product offering. We will provide a demo to provide a general understanding how it works.
- Second, students should spend time conducting research on state of the art pen testing technologies.
- Third, students should have a written plan of how to best determine vulnerabilities with a strategy to test and present it
- What tasks will learners need to complete to achieve the project goal?
-
Before research begins, students should present a strategy plan to us. This should include tools they will use, techniques for exploration, and any other information they feel like they need to present. This should be presented to us via a small slide deck or other means.
After research is complete, the final deliverable should be a written report detailing the security vulnerabilities that were identified, how any test was conducted and their outcome, recommendations for strategies to mitigate, and any further notes. Other items to consider for a final report should be:
- An executive summary detailing overview, timeline, key findings
- Categorizing all findings into vulnerability levels such as critical, high, medium, low
- High detailed summaries of any findings
- Low detailed summaries of any tests conducted with no findings
- A recap of any tools used
- Recommended plan for mitigation strategies
- Possible implementation of these strategies should time permit.
Final Deliverables:
Provide details about what the student will upload to the platform as their final deliverable(s).
- Executive Summary
- Report on vulnerability findings and recommended mitigation strategies
- Report on implementation (should time permit for implementation)
For students: To validate the completion of your work, please submit deliverables as uploaded files with a reflection note at the end of your project. These files can take various formats, including Word documents, PDFs, JPEG images, presentations, and more. We request tangible proof or an example showcasing your completed work. If the project involved an Non-Disclosure Agreement (NDA), please provide redacted deliverables or a sample of non-confidential work.
About the company
- https://www.softskillable.com
- 2 - 10 employees
- Business & management, Business services, Education
Applied expertise. Inspired solutions.
With over 40 years of combined experience in industry associations, Stratesco Group aims to help associations with the hard things. Our expertise in policy and science-based issue development, regulatory affairs, technical standards, and organizational excellence enables us to help our clients with a their most pressing needs.
Our SoftSkillable™ Member Experience program as part of our Organizational Excellence expertise is launching soon. SoftSkillable™ goes beyond conventional training and provides customized learning plans that keep our clients accountable as they adopt new skills. Such plans also include virtual and in-person progress check-ins that are tailored to each client’s needs and schedule.
We help our clients shift their mindsets so they are in the best headspace to approach challenges.