STEM Program

Cybersecurity Vulnerability Assessments: Safeguarding Digital Assets

Faculty Advisor: Research Fellow, Microsoft; Former Visiting Associate Professor, Stanford University

Program Start Time: TBD (meetings will take place for around one hour per week)

Research Practicum Introduction

Vulnerability Assessment is a critical practice for organizations aiming to safeguard their digital assets against potential threats. In the realm of Cybersecurity, Vulnerability Assessment is the cornerstone of a robust and defense strategy. It involves a systematic approach to identifying, assessing, prioritizing, and mitigating vulnerabilities in applications, APIs, and cloud/network infrastructure.

The process typically begins with security teams using automated tools, manual testing, and security advisories to identify vulnerabilities in systems and applications. This includes conducting external vulnerability scanning to identify vulnerabilities that can be exploited from outside the organization's network and internal vulnerability scanning to identify vulnerabilities that could be exploited by malicious players who have gained access.

This program equips students with hands-on experience using Vulnerability Discovery tools. Weekly sessions feature tool presentations followed by assignment discussions. By the end of the program, students will independently conduct Vulnerability Discovery on provided targets. Additionally, students will be introduced to advanced cybersecurity concepts and tools, preparing them for further college coursework and enhancing their attractiveness to cybersecurity programs. Furthermore, the program prepares students for internships and entry-level positions in cybersecurity during their collegiate studies.

Possible Topics For Final Project

  • Network Assessment using the Open Vulnerability Assessment Scanner (OpenVAS)

  • WebApp Assessment using the Open Worldwide Application Security Project Zed Attack Proxy (OWASP ZAP)

  • External Assessment using Nuclei

  • An Overview and Comparison of Assessment Vulnerability Tools.

  • Social Engineering Vulnerability Assessment Techniques and Tools

  • Wireless Network Security Assessment using Aircrack-ng Suite

  • Insider Threat Detection Techniques and Tools

  • Data Breach Simulation and Incident Response Planning

  • Or other topics in this subject area that you are interested in, and that your professor approves after discussing it with you.

Standards of Assessment

To excel, students must be able to run Vulnerability Assessments on given targets successfully and independently. 

Program Detail

  • Cohort Size: 3-5 students

  • Duration: 12 weeks

  • Workload: Around 4-5 hours per week (including class time and homework time)

  • Target Students: 9-12th grade students who are interested in IT and STEM (like Computer Science, electrical engineer, Cybersecurity, Data Science, Machine Learning/AI) or related fields.