Methods and Tools for Developing Cybersecurity Competence in the Professional Training of Future Software Engineering Specialists

Abstract

The article substantiates the interpretation of the concept of
«cybernetic security competence formation» in the aspect of
professional training of future software engineers. Also, the article
defines and characterizes effective methods of forming
competence in cyber security, which should be used in the
process of training the future software engineers, namely:
methods of interactive training: simulation of attacks and
defenses, «Capture the Flag» (CTF), hands-on laboratories and
simulators; project-oriented training: development of secure
software systems, web security, incident management; case
study method: analysis of cyber security incidents, review of
security policies; integration of cyber security in the programming
course: secure programming, code analysis; educational
platforms and tools: online courses and platforms for cyber
security training, virtual laboratories; assessment methods and
feedback: security testing tasks, competitive assessment,
reflection and discussion; professional development through
certification programs: CISSP (Certified Information Systems
Security Professional), CEH (Certified Ethical Hacker), CompTIA
Security certification. At the same time, the article pays special
attention to modern means of competence formation in cyber
security, which are expedient to be used in the professional
training of future software engineers. Among them there are:
software and tools for security testing: Metasploit, Wireshark,
Nmap, Kali Linux; virtual laboratories and simulators: TryHackMe,
Hack The Box, Cyber Range; online courses and learning
platforms: Coursera – courses from leading universities and
companies in cyber security, edX – a learning platform that offers
cyber security courses from leading universities, Udemy – online
courses on various aspects of cyber security, including
pentesting, network protection, etc.; learning management
systems (LMS): Moodle – a platform for creating online courses
that allows to organize tasks, testing and interaction with
students, Blackboard – a learning management system that
includes modules for creating interactive tasks and tests on cyber
security, Google Classroom – a convenient interface for
organizing classes, discussions and monitoring student progress;
competitions and contests: CTF (Capture The Flag) – a popular
format of cyber security competitions, European Cyber Security
Challenge (ECSC) – an international competition where students
can demonstrate their skills in the field of cyber security, National
Collegiate Cyber Defense Competition (CCDC) – a competition
for students, in which teams compete in the field of protection of
real network systems; methodological and reference materials:
books «Cyber security» or «Information security and
cryptography», scientific publications on cyber security, blogs and
resources; cyber threat simulators; mentoring and controlling.