The course taught me how to think and view like an adversary. Tero is an excellent teacher with down to Earth demeanor. The course provides hand-on and practical tasks. I did a lot of things first time and find its very useful.

I discussed with my friends about what I learnt, they find its very interesting and said that their companies also have something in common about information security and how difficult it is, especially in important infrastructure such as electricity grids.

I already recommended the course to my friends in Haaga Helia.

I would love to have a minor / major Information Security. There are a lot of uncharted water in this field.

Students should have some understandings before joining the course as the workload can be difficult. Tero did his best to break down the terms.

Thank you, Tero!

— Le Minh Tuan Do, 2023-10-09

I was quite new to the whole information security theme, and especially in the beginning, the course felt way too advanced. Pretty much all frameworks, tools and exercises were new and shiny to me. But struggling is the name of the game, so I kept on trying. Although a single course will get me nowhere near the skills of some of my fellow students, I learnt a ton and most importantly became interested in pursuing further learning.

Having two sessions on-site with the rest online was both a blessing and a curse. Please consider ha-ving webcams on a requirement for online attending (”if your cam’s not on you’re not here”) or simply giving in to the fact that most of the students won’t have their cameras on because we’re listening while playing with our cats or something. I like your relaxed teaching style, and the tasks were a great way of introducing new topics. I wouldn’t have minded having a bit more guidelines for choosing the topic of the presentations. It might’ve also been a good idea to screen the chosen topics beforehand.

All in all, I expected a lot from this course and my expectations were mainly satisfied. I had lots of mi-xed feelings, but in the end I can say I liked this course and would recommend it to anyone interested in information security or hacking. Complete newbs like me might find some of the topics challenging, but there’s nothing a little extra study and a couple questions can’t solve.

— Heidi Paimen, 2023-03-15

Did you learn something? Do you now know something you did not know before the course? (Models, frameworks, ideas, tools?)

Wheregoes.com to check malicious link
CAN-SPAM law

Did you do something for the first time? (Break web protections with Webgoat, capture traffic, plan attacks? Used some technique or a tool for the first time?)¨

Yes, using John the riper and WebGoat

Is this useful? Are these skills useful in companies?

Yes nowadays cybersecurity skills are highly useful,

How did you like the presentations? Interesting subject? Did you like presenting? Useful information? Actionable?

Yes I really liked this part. It was good that the topic choice was free as long is it related somehow to cybersecurity.
I learn a lot of things from the others students

Feelings: did you enjoy the course?
To be honest I'm disappointed that this course was mostly online. If I would do it again, I would prefer to have it 100% in contact teaching and not only the first and last classes.

How could I improve the course? (I can make almost any change here, if it's important)

Not doing it anymore blended, only in contact would be way better.
Also it would be nice if the teacher has a real course material.
Having everything on Moodle rather would be also better

Would you recommend the course? Have you already recommended it? Who would benefit from the course (a colleague, a fellow student)?

I would recommend it to some business students that are interest a bit in IT.

— Student number 42, 2023-03-15

• TLDR version: Yes, please do take this Information Security course by Tero. I am happy I did that.

• I love the course, despite the demanding amount of tasks I had to go through every week, despite all the stresses and nerves accompanying me when trying to reach to deadlines, I would definitely recommend this course to anyone. I have learnt a lot of things thanks to this course just to name a few, Linux basic command lines, hacking tools, Web Goat, Web Wolf, Darknet Diaries, Hashcat, encryption, and so much more.

• I love that the course covers both the theory and practical parts with a lot of hands-on exercises so I got to learn how things work and why things work that way. The skill and knowledge introduced in the course are very much applicable not only to the study/working environment but also to daily life situations considering every aspect of our daily life requires using data/information.

• I love the presentations prepared by classmates, the topics chosen are very different and personal, and they all brought me a lot of new extra information apart from the course's content. Also, it's a great opportunity to practice/improve my presentation skill (what I have learnt and how efficiently/effectively I can pass the knowledge I learn to others). Also, I found the audience's questions and Tero's feedback very valuable parts of the presentation.

• I wish the timeframe would be more flexible, i.e the course would be stretched to the whole semester instead of half like it was considering the great number of topics the course covered, and also would make it easier to students with less experience like me to follow the course/homework deadline. I also wish that there would be an option to choose between doing the presentation online or in class. As I was happy to get the opportunity to do the presentation online for the very first time and learnt quite a lot from that, I found it very challenging to capture the audience's reaction behind the screen.

— Ola, 2023-03-15

I found that the course covered some very interesting concepts. However, I feel that 5 hours of class in one shot is too long. The course would be even more interesting and constructive if it was divided into two parts over two days. This way, the first part could be theoretical and the second part practical, like a lab.
At this time I would not recommend this course to another student

— #######, 2023-03-15

This was a fairly new thing for me, so I did learn many new things. Hashmap, using web goat, and Penetration testing were some of the things that I used for the first time. The methods, ideas, and tools that I used during the course are really important in our day-to-day lives as well as in companies. The presentation was a good idea, it helped showcase the opinions of individuals who took the course. One of the most interesting topics was the Vastaamo Data breach(maybe because I also had a short presentation on it). This incident helped me understand how a small thing can have big consequences. I did enjoy the course but I would have enjoyed it far more if we didn't have the course online. Another thing to improve in my opinion was the number of assignments and by assignments, I meant the summarizing part. I loved doing the practical task. Yes, I would recommend this course and I already have recommended it.

— Kiran Thapalia, 2023-03-15

I really liked the course. I learned and practise new tools and frameworks that I have not used before. I had experience with analysing the network traffic with arp capture with arp-scan, nmap and wireshark, but I haven't used the webgoat and sqlzoo before and it was great to learn how to use and practise with them. I found them interesting and useful but I am not sure if I can apply those skills at the beginning of working life, but it is definitely useful to know how those tools and frameworks work. The presentations were interesting, not too simple and not too complicated to follow. I enjoy the course and it was not too long and not too short to cover interesting materials, frameworks and tools and have practice with those. I would recommend taking a course to other students.

— Arkadii, 2023-03-15

Information Security is a great hands-on course, and Tero is very clearly a motivated teacher.

For a complete newbie, there's a lot to learn on this course. Most of the course contents were completely new to me, but most of the instructions were personally written by Tero and were easy to follow.

I enjoyed the course, it was very practical and we got to experiment with actual tools, such as WebGoat and how to crack hash passwords. The course is also good for learning Linux, as most assignments are done in a virtual machine.

I would recommend this course to anyone even mildly interested in cybersecurity. It's very beneficial overall, not just for cybersecurity but also for learning how to write professional reports and getting practice presenting in a professional setting.

Thank you for the course Tero!

— Oona Areva, 2023-03-15

In this course, I learned few new things. I was aware of the terms in security but to have a hands on experience was something new. It was new to learn about hacking, managing passwords, and to learn more about the cyber kill chain. Using password manager, encrypting and decrypting messages and using Webgoat was something new I did during this course.
This course is useful for anyone who wants their system secure. The course gives you idea about how the attackers will use the vulnerability to attack your weak points. So it is for us to protect ourselves from those attack. The presentations from the course were good and I got to learn new things from each of the presentations. The presentations were clear and brief and easy to understand.
The course was easy to follow and the tasks were also pretty clear about what to do. Some of the tasks were a bit difficult and needed some extra efforts. The only thing I would suggest from the course to change is if the course could run for the whole semester. As we had to sit in front of our laptop for almost 5-6 hours was a bit tiring. So if the course was for whole semester it could be done so that each class lasts for 3 hours.
I would recommend the course to my colleagues who have not enrolled to this course as it is very useful in our life and will be a plus when we start our career in IT field some day.

— Bhabishya Gurung, 2023-03-15

I learned a lot of new stuff in this course related to information security.
I installed a password manager for the first time, cracked a zip file, and tried a dictionary attack for the first time.
I think learning how to crack the password and dictionary attack was useful because now I am aware of those techniques implemented and I will be more careful with my passwords and security configuration.
I liked all of the presentations because they had detailed explanations of topics that we covered in the course.
I liked the course because we had hands-on examples of what we could implement ourselves.
I would recommend having less theory at the beginning because it might give feeling to the students that the course is too advanced for them. To understand better students need time to digest the information. Also, I would recommend spending less time on observing homework and explaining advanced theories because it gives the feeling that a student is too beginner for the course. Also, too much reading and writing in the first weeks make students drop the course.
I would definitely recommend the course for all students who are doing business IT path but they should have time for the course and coursework.

— Sakhi, 2023-03-15

1. Yes, I did learn lots of new information about the information security, and it was my main goal to attend this course to grasp the basics. Some exercises I did also for the first time as I have never heard about the Bandit, for example, before. It was good to learn about the hashes and work with Linux.
2. I did quite many things for the first time: Webgoat, plan attacks, Bandit, writing reports in Gitlab. The articles that I read were also new to me.
The articles and reading material to me seemed a bit disconnected with what we did.
3. If you intend to work in IT field, its the more you know the better, so courses like this are a help as well as not necessarily you will learn this info by yourself.
4. I like the remote sessions as well as presentations as with the fast and busy way of life & work I find it difficult to come to the campus as it eats a lot of time and I get the same info I could if I would be remote.
5. More reading material about the basics of information security.
6. I would recommend the course as it gives a good idea and lots of directions to dig into later on. I believe almost anyone who is willing to work in the IT field and/or looking for a job, could use the extra knowledge from that course.

— Daria, 2023-03-15

I learned many things such as how to do SQL injections, how to crack some hash and to hack some files with JohnTheRipper.

I used for the first time Webgoat and plan attacks. However, I already used packet sniffer tools because of my networking courses.

The presentations were good and interesting. It brings a plus to the course.

I think the duration of each lesson is too long. I would prefer a whole semester course with shorter lesson. Another possibility is to split course in two days of a week. I think the course but fully physical will be much better.

— anonymous, 2023-03-15

First of all I would like to say that I really enjoyed the course. A lot of things were new to me and even those that I had encountered before, it was a good chance to practice them. WebGoat was something that I used for the first time and I will keep using it to practice more as well as Bandit. This course helped me to become more aware about security matters although I would like to research more and before more familiar with topics that were mentioned in the course. In the end I am surprised how easy it is to run a scheme and scam people that's why I can say for sure that fighting against it is a good career path for me. I have already recommended the course to some fellow students that I believe they will be more than interested.
This course is beneficial not only for students but for professionals in the field of IT too because all everything is applicable with visible results.

I would like this course to last longer but this is just a personal preference because I would like to practice more and more.

— Aikaterini T, 2023-03-15

I would've liked to have more stuff with hands-on approach. We can cover theory on lessons so the rest could be more learn by doing.

These kind of skills are really useful for any ICT-employee because it teaches you about the ways that attackers can compromise even the most up to date systems.

I have recommended the course to few SW engineering students and IMO it should be part of those studies, because most of these attacks that we tried are actually something that full-stack developers need to be careful about.

To me the pace of the course was a bit too quick. Homework deadlines are hard to keep up and sometimes the peer reviews were way off. At least in my homework there seemed to be lot of inability to check embedded links. It's not academic writing anyways, more like a portfolio.

— Altti, 2023-03-15

- I didn't learn new topics, but had a refresher on some tools
- I used some tools for the first time like Webgoat
- I think some of the "attacks" we performed, like getting something from an HTTP response are not related to security but more to network
- Presentations are a nice way to finish the course and interact with mates
- I mostly enjoyed the course, despite being too passive during class
- Make more exercises, guided attacks, setting up a network between VM, etc.
- I would recommend this course for second semester students, to get an approach on security, but practice the topics throughout your school projects.

— Nathan, 2023-03-15

One of the things that stood out for me was the practical sessions. I had the opportunity to break web protections with Webgoat and capture traffic, which was my first time doing so. I also used some new techniques and tools for the first time, which was exciting.

The skills I acquired in the course are very useful in today's world. I believe that these skills will come in handy in companies, and I am already thinking of ways to apply them in my workplace.

The presentations were interesting, and I enjoyed learning about the subject matter. The information presented was useful and actionable, and I found myself applying some of the concepts in my daily life.

Overall, I enjoyed the course and would recommend it to anyone looking to learn more about information security. If I had to suggest any improvements, it would be to have more practical sessions. I have already recommended the course to my colleagues and fellow students, and I believe that anyone interested in information security will benefit from it.

— Dagmawi Beyene, 2023-03-15