I thoroughly enjoyed this course even though I couldn’t attend almost any theoretical classes. The course is indeed a 2-in-1: LBS and VSSD.

LBS theoretical and lab classes lack in quality, the main teacher makes an already boring subject unbearable to learn in classes and kind of gives the impression that she isn’t very confident in her knowledge (although she is) which makes the classes very hard to follow. Labs were almost purely exercise-solving to train for the exam but my teacher wasn’t the best which made them also very hard to understand and follow. Despite this, the practical project...

This course is divided in LBS (Language Based Security) and VSSD (Vulnerabilities and Secure Software Development).

The project was like a compilers project (which I didn't like much)... Thankfully the submission date was after the winter break, which gave us extra time to complete it.

The VSSD Labs were indeed challenging but really enjoyable (the best part of the course).

Even with the heavy workload and some boring parts I consider this course a must take for people specializing in Cybersecurity, since many of the topics learned in this course which are essential for anyone in Cyber...

I feel this course has significant flaws and is not well-structured. While the division of topics might make sense in theory, the execution, workload distribution, and overall organization leave a lot to be desired.

Theoretical Classes There is a stark contrast between the two halves of the theoretical lectures. On one hand, the VSSDs classes are well-structured, clear, and very easy to follow. On the other hand, the LBS (Language-Based Security) component is quite abstract and therefore difficult to grasp. Because the LBS material is inherently complex, it requires confident and engaging...

Not rewarding for the effort necessary.

I really regret taking this course. It is poorly organized, outdated, and the content lacks interest. If I knew then what I know now, I would never have taken it.

The course is divided into two parts, VSSD and LBS, and it feels like you are taking two completely different courses.

VSSD consists mainly of weekly capture-the-flag exercises with write-ups. While these can be interesting, they are extremely time-consuming and are barely valued in the final evaluation.

LBS was a complete waste of time. The theoretical classes were terrible; it was very hard to focus or understand anything being...

Interesting course, worth it if you're interested in security. But I wouldnt say it's a must take.

So to give some context SSof is divided in 2. VSSD and LBS. They have different theoretical classes and labs and each have a "main" teacher

Vssd

• Each week there were Capture the flag exercises to do, they were fun and you learn about common software vulnerabilities but really time consuming. You had to do a write up for each exercise and later ones were harder to find the solution. So you end up spending a whole day each week on just these exercises (unless you cheat which I wouldn't...

I didn’t love this course, but it was definitely not the worst course I’ve taken during my degree. The course is divided into two main parts: LBS, taught by Professor Ana Almeida Mato, and VSSDs, taught by Professor Pedro Adão.

Overall, the structure makes sense, but the experience really depends on which part of the course you’re focusing on.

Theoretical Classes

The theoretical classes are quite important to understand both the weekly challenges and the lab classes. Without attending them, it would be much harder to follow what’s going on. That said, Professor Ana Mato is extremely...

Good course, with a lot of material to study from and really engaged professors. Keep in mind that it has multiple weekly graded lab challenges (based on exploiting a vulnerability to get a hidden flag), a big project, an obligatory exam and the biggest project practical test I've had for any course so far.

Half of the lab classes are exercises on paper, the other half is help for the lab challenges. As for the exercises on paper, a lot of exercises are too long, making them confusing and leading to many of the exercises not being solved during class. Thankfully they provided recorded...

There are 2 parts of this course: VSSD with professor Adão and LBS with professor Ana. Adão explains concepts very well and the VSSD labs are CTF style problems for students to apply their teachings hands-on with a real objective and tangible results. Ana on the other hand is not very eloquent and has difficulty speaking in front of a room of students and the LBS labs are mostly pen and paper problems.

I can certainly say that Adão was one of the best professors with some of the most fascinating course material of the Master's degree so far where as Ana's part was thoroughly lacking.

Each week you had one theoretical class for LBS and one for VSSD, and the same for labs. So basically, you had two completely different courses running at the same time.

VSSD labs were like CTFs with a scoreboard — the only part I actually enjoyed. LBS labs were just exam-style exercises.

Professors

Professor Ana Matos makes LBS painful.

Professor Miguel Pupo Correia gave the VSSD lectures. Not good, not bad, just meh.

Exam

The LBS part of the exam is the same style as the...

Contents

The first part was all about learning common vulnerabilities and how to exploit them (SQLi, XSS, Race Conditions, Buffer Overflow…) with Professor Pedro Adão. If you're into that kind of stuff, it's super interesting.

The second half (midway through the semester) was focused on studying information flow policies (e.g., Perl taint mode) and other similar mechanisms (like dynamic flow analysis in JavaScript).

It’s a complete context switch from the first half — it’s all about stuff like WHILE annotations, big-step/small-step...