Methods and Tools for Developing Cybersecurity Competence in the Professional Training of Future Software Engineering Specialists

Abstract

The article substantiates the interpretation of the concept of «cybernetic security competence formation» in the aspect of professional training of future software engineers. Also, the article defines and characterizes effective methods of forming competence in cyber security, which should be used in the process of training the future software engineers, namely: methods of interactive training: simulation of attacks and defenses, «Capture the Flag» (CTF), hands-on laboratories and simulators; project-oriented training: development of secure software systems, web security, incident management; case study method: analysis of cyber security incidents, review of security policies; integration of cyber security in the programming course: secure programming, code analysis; educational platforms and tools: online courses and platforms for cyber security training, virtual laboratories; assessment methods and feedback: security testing tasks, competitive assessment, reflection and discussion; professional development through certification programs: CISSP (Certified Information Systems Security Professional), CEH (Certified Ethical Hacker), CompTIA Security certification. At the same time, the article pays special attention to modern means of competence formation in cyber security, which are expedient to be used in the professional training of future software engineers. Among them there are: software and tools for security testing: Metasploit, Wireshark, Nmap, Kali Linux; virtual laboratories and simulators: TryHackMe, Hack The Box, Cyber Range; online courses and learning platforms: Coursera – courses from leading universities and companies in cyber security, edX – a learning platform that offers cyber security courses from leading universities, Udemy – online courses on various aspects of cyber security, including pentesting, network protection, etc.; learning management systems (LMS): Moodle – a platform for creating online courses that allows to organize tasks, testing and interaction with students, Blackboard – a learning management system that includes modules for creating interactive tasks and tests on cyber security, Google Classroom – a convenient interface for organizing classes, discussions and monitoring student progress; competitions and contests: CTF (Capture The Flag) – a popular format of cyber security competitions, European Cyber Security Challenge (ECSC) – an international competition where students can demonstrate their skills in the field of cyber security, National Collegiate Cyber Defense Competition (CCDC) – a competition for students, in which teams compete in the field of protection of real network systems; methodological and reference materials: books «Cyber security» or «Information security and cryptography», scientific publications on cyber security, blogs and resources; cyber threat simulators; mentoring and controlling.

Key words: methods; means; competences; cyber security; professional training; software engineers.