Cyber security/Security on SingleParentLife.app is paramount and is required to be designed on the app for the safety/security of our users. We also require a Privacy Policy to address the large data from users. Penetration testing to be included upon completion, try and break into, exploit, or otherwise attempt to break a given product via security vulnerabilities.

·       Students are required to understand the app and design cybersecurity/security. Set up the security, log in, play around, understand generally how it works

·       Students should spend time conducting research on state of the art pen testing technologies, look into common vulnerability lists such as OWASP Top 10, and common security tools such as Nmap, Burp Suitar, Nessus, and Wireshark

·       Students to provide complete documentation on the cyber security/ security of the application and write an attack plan and present it, so we can understand how the security is implemented and what the test will do and what is uncovered

·       Students will show how to attack the app and the cyber security/security of the app, as per the presented plan

SPL will collect and process large amounts of data from our customers. This is in line with the security of the app and is of utmost importance that we keep this data confidential and safely manage personal information. Students are to design the Privacy Policy. This policy builds trust with users and protects our company by transparently disclosing how we gather information.

This will involve several different steps for the students, including:

·       Familiarizing themselves with SPL mission and vision statements

·       Completing a needs assessment

·       Familiarizing themselves with company activities that involve the use of personal information

·       Analyzing information management practices within the company

Initial cyber security/security requirements will be shared with the students prior to them starting the assessment. Students should demonstrate an understanding of company values, mission and vision and company activities involving information management. Students to provide a cyber security/security document and testing plan is to be presented. This should include cyber security/security files and tools they will use, techniques for design and exploration, what categorical vectors of testing/attack will they go after, and any other information they feel like they need to present. This should be presented to us via a small slide deck or other means.

Upon completion of cyber security/security and testing, the final deliverable should be documentation such as a written report detailing the security, how the testing was conducted, what tests passed, what tests failed, recommendations for mitigation strategies, and any further notes required. Other items to consider for a final report should be:

• An executive summary detailing overview, timeline, key findings
• Categorize details, findings into vulnerability, levels such as critical, high, medium, low
• High detailed summaries of any findings
• Low detailed summaries of any tests conducted with no findings
• A recap of any tools used

The completion of the Privacy Policy document is also required.

Final Deliverables

Cyber security/security and testing documentation. Also, the final report and the Privacy Policy. Final 10-15 minute presentation. Students to provide SPL with all documentation via email, upload to GitHub and SPL Drive or add to the app/platform as their final deliverables.

Students will connect directly with us for mentorship throughout the project. We will be able to provide answers to questions such as:

• SPL mission and vision statements
• Requirements of cyber security/security, information management and Privacy Policy
• Input on choices, problems or anything else the students might encounter.

App Figma is complete and SPL will provide a walk-through of the product. MVP is designed and students will have access to add the cyber security/security to the design. Lighter technical details will be provided to students before they begin design and testing.

Students will be able to ask questions at any point during the process. The Founder will meet with them as required.

Resources

The Founder is available for meetings and will support as needed. SPL will share cyber security/ security app requirements and example of needs assessment and privacy policies.