- SAST DAST Infra VM Qualys Nessus Tenable Red teaming Purple teaming vulnerability Management Penetration testing
- Application Security
- Perform secure code reviews manual automated for applications written in languages like Java Python JavaScript etc
- Integrate security into CI CD pipelines DevSecOps practices
- Conduct risk assessments threat modeling and security design reviews
- Identify analyze and report vulnerabilities such as OWASP Top 10 issues
- Work closely with development teams to remediate security flaws
- Penetration Testing
- Conduct black box gray box and white box penetration testing on
- Web applications
- Mobile applications Android iOS
- APIs and microservices
- Perform network and infrastructure security assessments when required
- Use automated tools and manual techniques to discover vulnerabilities
- Develop detailed penetration testing reports with risk ratings and remediation recommendations
- Security Tools Technologies
- Utilize tools such as
- Burp Suite OWASP ZAP
- Nmap Metasploit
- Nessus Qualys
- SAST DAST tools e
- g
- Checkmarx Veracode Fortify
- Create custom scripts for automation and testing Python Bash etc
Application Security,Application Security->Application Risk Profiling,Application Security->Burpsuite,Application Security->Devsecops,Application Security->Ethical Hacking(CEH),Application Security->Nessus,Application Security->SSL(Secure Sockets Layer),Application Security->Threat Modeling,Application Security->Vulnerability Assessment/Penetration Testing,Application Security->Vulnerability Management,Application Security->Web Security,Application Security->Webservices Security,Application Security->Wireshark,Security testing->Vulnerability testing,Technology->Application Security->Vulnerability Management->Qualys,Technology->Application Security->Vulnerability Management->Rapid 7 Nexpose,Vulnerability Management