Software Security - NEIS0736 (2019)!

GitLab Wiki Page
MiSSxTalks Special : July 20, 2019
#OneOnOne Assessment
Team-based Term Projects (#SonarCute, #BrainShock)
1st Half Score
#HereWeFix Contest
#CivilWar #HourOfCode #HereWeFix

MiSSxTalks (Slides)

(Jun 29)
- Pongpat Rakdej - “High Performance Computing” - [Done]
(Jul 13)
- Angkarn Pummarin - “Why use threat modeling & how to use it.” - [Done]
(Aug 10)
- Ardnarong Boonkerd - “Code quality, measuring and improving it, getting started with SonarQube.” - [Done]
(Aug 24)
- Chalermwut Likasitwong - “Tips for Securing your Information Under PCI DSS” - [Done]
- Tanapad Onsri - “Data Breaches, Data Leaks, Web Defacements Why Secure Coding Is Important?” - [Done]
(Sep 7)
- Sirimongkol Wongfu - “What is Security Misconfiguration, and How to Avoid it.” - [Done]
(Sep 14)
- Wissanu Sameejaeng - “Security Tips for Your ERP Implementation” - [Done]
- Pongpat Petchai - “How to Prevent File Upload Vulnerabilities” - [Done]
- Pattama Thongprapai - “Why code reviews matter (and actually save time!)” - [Done]
- Tossaporn Hansing - “Think Like an Attacker and Improve Your Defensive Strategy” - [Done]
(Sep 15)
- Suparath Suwannakorth - “Digital Certificates for Electronic Transactions” - [Done]
- Mutchima Chuensart - “Domain-Driven Design: Tackling Complexity in the Heart of Software” - [Done]
- Raksapon Leelachat - “Secure Deployment” - [Done]
- Yuttapon Kunkot - “Introduction to OWASP ZAP for Web Application Security Assessments” - [Done]
(Sep 28)
- Peranol Akkarasarateera - “Data Anonymization” - [Done]

Members

5817810004 - Peranol Akkarasarateera
- (Hello World)
- (Responsiveness) (TC01)
- (TC02)
- (TC03)
- (PeranolA)
6017810010 - Pongpat Rakdej
- (Hello World)
- (Maintainability)
- (TC02)
- (TC03)
6117660004 - Chitsanuphong Thaninthorn
- (Hello World)
- (Learnability) (TC01)
- (TC02)
- (TC03)
6117670003 - Suparath Suwannakorth
- (Hello World)
- (Availbility) (TC01)
- (Shopee) (TC02)
- (TC03)
- (SuparathS)
6117690002 - Pornwilai Pitakwong*
- (Hello World)
6117690003 - Dunlawan Sakuldee
- (Hello World)
6117810001 - Raksapon Leelachat
- (Hello World)
- (TC01)
- (O365) (TC02)
- (TC03)
- (RaksaponL)
6117810003 - Sirimongkol Wongfu
- (Hello World)
- (Modifiability) (TC01)
- (Medium) (TC02)
- (TC03)
- (SirimongkolW)
6117810004 - Tanapad Onsri
- (Hello World)
- (Interoperability) (TC01)
- (AppleID) (TC02)
- (TC03)
- (TanapadO)
6117810005 - Mutchima Chuensart
- (Hello World)
- (Reliability) (TC01)
- (ClearPass) (TC02)
- (TC03)
- (MutchimaC)
6117810006 - Chalermwut Likasitwong
- (Hello World)
- (Usability) (TC01)
- (Facebook Authentication) (TC02)
- (TC03)
- (ChalermwutL)
6117810009 - Pongpat Petchai
- (Hello world)
- (Compatability) (TC01)
- (Google Authentication) (TC02)
- (TC03)
- (PongpatP)
6117810011 - Wissanu Sameejaeng
- (Hello world)
- (Operability) (TC01)
- (LINE PC) (TC02)
- (WissanuS)
6117810014 - Pattama Thongprapai
- (Hello World)
- (Recoverability) (TC01)
- (Twitter) (TC02)
- (TC03)
6117810012 - Yuttapon Kunkot
- (Hello World)
- (Safety) (TC01)
- (IPSecVPN) (TC02)
- (YuttaponK)
6117810016 - Tossaporn Hansing
- (Hello World)
- (Portability) (TC01)
- (DUO Security) (TC02)
- (TC03)
- (TossapornH)
6117810017 - S———- T———-
- (Hello World*)
- (Failure transparency*)
Certificate - Thanchanok Laopromsukon
- (Hello World)
Certificate - Angkarn Pummarin
- (Hello World)
- (Integrity) (TC01)
- (Kahoot) (TC02)
- (TC03)
- (MiSSxTalk)
- (AngkarnP)
Certificate - Ardnarong Boonkerd
- (Hello World)
- (Testability) (TC01)
- (Bitbucket) (TC02)
- (MiSSxTalk)
- (ArdnarongB)
Certificate - Boonma Sirinitsriwong*
- (Hello World*)
- (Standards Compliance)

[Instructor & TAs]

[Day 1] - (Sat) Jun 8, 2019

Laptop with internet access
Your favorite IDE/text editor
Active email account (gmail is preferable)
GitHub, GitLab & GitHub Page
Scribe of the day by Wissanu S.

[Day 2] - (Sat) Jun 15, 2019

Requirements
Quality Attributes [on Wikipedia]
Sizer 4.0 is latest version of the popular utility used to accurately resize and reposition windows.
Scribe of the day by Suparath S.

[Day 3] - (Sat) Jun 22, 2019

MiSSxTalks
- Maykin W.
Testable Requirements
Effective Test Case Writing (ISTQB Glossary)
Authentication mechanism in your everyday life (Homework)
Scribe of the day by Pattama T.
Grammar Checker
- Ginger
- Reverso

[Day 4] - (Sat) Jun 29, 2019

MiSSxTalks
- Pongpat R.
Precondition (ISTQB Glossary)
Authentication (Cont’d)
Test Level (ISTQB Glossary)
Valid & Invalid Test Cases (ISTQB Glossary)
Scribe of the day by Pattama T.

[Day 5] - (Sat) Jul 13, 2019

MiSSxTalks
- Angkarn P.
Security Requirements
The Application Security Verification Standard (ASVS)
Scribe of the day by Angkarn P.

[Day 6] - (Sat) Jul 20, 2019

MiSSxTalks Special

[Day 7] - (Sun) Jul 21, 2019 (15:30 - 18:30)

One-on-one Assessment
1. 10:31 - 10:45 : Khun Sirimongkol Wongfu (Paolo Memorial) - Done!
2. 14:01 - 14:06 : Khun Peranol Akkarasarateera (true coffee) - Done!
3. 15:16 - 15:30 : Khun Pattama Thongprapai (true coffee) - Done!
4. 15:31 - 15:45 : Khun Chalermwut Likasitwong (true coffee) - Done!
5. 15:46 - 16:00 : Khun Tossaporn Hansing (true coffee) - Done!
6. 16:01 - 16:15 : Khun Wissanu Sameejaeng (true coffee) - Done!
7. 16:16 - 16:30 : Khun Mutchima Chuensart (true coffee) - Done!
8. 16:31 - 16:45 : Khun Tanapad Onsri (true coffee) - Done!
9. 16:46 - 17:00 : Khun Suparath Suwannakorth (true coffee) - Done!
10. 17:01 - 17:15 : Khun Ardnarong Boonkerd (true coffee) - Done!
11. 17:16 - 17:30 : Khun Raksapon Leelachat (true coffee) - Done!
12. 17:31 - 17:45 : Khun Yuttapon Kunkot (true LAB Meeting Room) - Done!
13. 17:46 - 18:00 : Khun Pongpat Petchai (true LAB Meeting Room) - Done!
14. 18:01 - 18:16 : Khun Angkarn Pummarin (true LAB Meeting Room) - Done!

[Semi-final Examination]

(Sun) Aug 4, 2019 (AM)
Keywords
- Testable Security Requirement
- Security Test Case
- Criticize the Test Cases
- Test Case with Precondition
- Passed/Failed

[Day 8] - (Sat) Aug 10, 2019

MiSSxTalks
- Ardnarong B.
OWASP Testing Guide, a “best practice” penetration testing framework which users can implement in their own organizations and a “low level” penetration testing guide that describes techniques for testing most common web application and web service security issues.
Scribe of the day by Mutchima C.

[Day 9] - (Sat) Aug 24, 2019

MiSSxTalks
- Tanapad O.
- Chalermwut L.
The Twelve-Factor App
1. Pattama Thongprapai
2. Mutchima Chuensart
3. Sirimongkol Wongfu
4. Wissanu Sameejaeng
5. Chalermwut Likasitwong
6. Yuttapon Kunkot
7. Angkarn Pummarin
8. Raksapon Leelachat
9. Suparath Suwannakorth
10. Peranol Akkarasarateera
11. Tanapad Onsri
12. Chitsanuphong Thaninthorn
Scribe of the day - Group 1 by Wissanu S.
Scribe of the day - Group 2 by Raksapon L.
Scribe of the day - Group 3 by Tanapad O.

[Day 10] - (Sun) Aug 25, 2019 (15:30 - 18:30)

Secure Coding
Static code analysis
- Studend-generated Learning Environment
Scribe of the day by Yuttapon K.

[Day 11] - (Sat) Sep 7, 2019

Project Scope Presentation
MiSSxTalks
- Sirimongkol W
#HereWeFix Contest (Google)
Daily Scribe by Pattama T.

[Day 12] - (Sat) Sep 14, 2019

MiSSxTalks
- Wissanu S
- Pongpat P
- Pattama T
- Tossaporn H
Software development activities
Daily Scribe by Tanapad O.

[Day 13] - (Sun) Sep 15, 2019 (15:30 - 18:30)

MiSSxTalks
- Suparath S
- Mutchima C
- Raksapon L
- Yuttapon K

[Day 14] - (Sat) Sep 21, 2019

Grouping for the ~~#EndGame~~ #CivilWar #HourOfCode
Project Presentation
1. CI/CD by SonarCute
2. Blockchain by BrainShock!
Daily Scribe by Peranol A.

Software Security - NEIS0736 (2019)!

Software Security - NEIS0736 (2019)!

[Day 1] - (Sat) Jun 8, 2019

[Day 2] - (Sat) Jun 15, 2019

[Day 3] - (Sat) Jun 22, 2019

[Day 4] - (Sat) Jun 29, 2019

[Day 5] - (Sat) Jul 13, 2019

[Day 6] - (Sat) Jul 20, 2019

[Day 7] - (Sun) Jul 21, 2019 (15:30 - 18:30)

[Semi-final Examination]

[Day 8] - (Sat) Aug 10, 2019

[Day 9] - (Sat) Aug 24, 2019

[Day 10] - (Sun) Aug 25, 2019 (15:30 - 18:30)

[Day 11] - (Sat) Sep 7, 2019

[Day 12] - (Sat) Sep 14, 2019

[Day 13] - (Sun) Sep 15, 2019 (15:30 - 18:30)

[Day 14] - (Sat) Sep 21, 2019

[Day 15] - (Sat) Sep 28, 2019

[Final Examination] - (Lec)

Our lecture room, MII 207B