Teaching
At Heilbronn University, we are reshaping how security experts are trained. Starting in Winter 2025/26, we introduced a dedicated Cybersecurity Specialization embedded in our Computer Science programs.
I had the privilege of designing this curriculum from scratch and now lead this specialization. My goal was to move away from dry theory to maximize "keyboard time." We teach security as it happens in the real world: offensive, defensive, and analytical.
Why this matters 🚀
This curriculum is brand new and built for the modern threat landscape. As the head of this specialization, I am proud to work with a team of professors and lecturers who share a genuine passion for security and teaching.
The Curriculum: From Zero to Hero
The specialization is structured consecutively, guiding students from fundamental concepts to advanced, specialized application scenarios.
1. Introductory Module (The Foundation)
Informationssicherheit 1 & 2 This two-part series lays the groundwork for all subsequent modules.
- Core Concepts: Protection goals (Confidentiality, Integrity, Availability), vulnerabilities, and threat modeling.
- Cryptography: Symmetric and asymmetric encryption, hash functions, and digital signatures.
- Security Management: Introduction to risk management, security policies, and the "human factor" in security.
2. Fundamentals Module (The Toolkit)
Understanding how systems tick—and how to harden them.
We follow a highly intuitive bottom-up approach, working our way up the security stack: starting from the physical layer and networks, securing the operating systems, hardening applications, and finally wrapping it all up with management and compliance.
Netzwerksicherheit (Network Security)
- Securing infrastructure with Firewalls, IDS/IPS, and VPNs.
- Network protocols (TLS, IPsec) and secure architecture design.
Systemsicherheit (System Security)
- Hardening operating systems (Linux/Windows) and securing the boot process.
- Access Control Models (DAC, MAC, RBAC) and exploit mitigation techniques.
Applikationssicherheit (Application Security)
- Secure Software Development Lifecycle (SSDLC) and Threat Modeling.
- Mitigating web vulnerabilities (OWASP Top 10) and secure coding practices.
Compliance & Security Management
- Information Security Management Systems (ISMS) according to ISO 27001.
- IT-Grundschutz, legal aspects (GDPR/IT-SiG), and risk assessment methodologies.
3. Specialization Module (Deep Dive)
Offensive Security
- Ethical Hacking: Penetration testing phases, Red Teaming methodologies, and vulnerability scanning.
- Active Defense: Understanding attack vectors to build resilient defenses.
Mobile Security
- Platform Security: Security architectures of Android & iOS (Sandboxing, Permissions).
- App Analysis: Static and dynamic analysis of mobile applications and identifying typical pitfalls.
Reverse Engineering
- Binary Analysis: Reading assembly, using debuggers/disassemblers (Ghidra/IDA), and understanding memory layout.
- Malware Analysis: Dissecting malicious software and understanding closed-source protocols.
Notfallmanagement & Digitale Forensik
- Incident Response: Structured handling of security breaches and recovery planning.
- Forensics: Acquiring and analyzing digital evidence from disk and memory.
4. Electives (Specialization)
Students can further sharpen their profile by choosing from a wide range of specialized electives:
- Web Application Security: Advanced attacks and defenses for modern web apps.
- Cloud Security: Securing AWS/Azure environments and container orchestration.
- Hardware / IoT Security: Embedded security and side-channel attacks.
- Applied Cryptography: Implementing crypto primitives and analyzing protocols.
- Vulnerability Research: Finding and exploiting zero-day vulnerabilities.
- IT Security Project: Hands-on team project solving real-world challenges.
Interested?
We are looking for students who want to do more than just use technology—they want to understand and protect it.
💭 Personal Note
Honestly? If I weren't already standing on the other side of the lectern, I'd enroll in this specialization myself immediately. The design of this curriculum reflects the specific skill set I believe is essential for modern security professionals. It covers exactly the topics and depth I would have wished for back when I was a student! 😉