Kavita G


Summary

She has 7 years of total experience with technologies, including 3+ years in the field of information security. She currently serves as Information Security Trainer and Cyber Security Analyst at the Institute of Information Security. Her work mainly focuses on conducting information security trainings and Vulnerability Assessment and Penetration Testing for NII's premier clients. Her technical abilities span a very wide range of technologies across web servers and applications. Her specialization is .NET, Java, PHP, shell script and Python secure coding, web application penetration testing, mobile application penetration testing, database configuration security, DBMS review and source code review.

https://www.youtube.com/watch?v=SKsTGtNAlK0

Educational Qualification

  • Bachelor of Commerce
  • Software Engineering (GNIIT) from NIIT
  • Microsoft .NET Framework Certified with score 929/1000
  • Certified CEH v10


Total Experience in Training

  • Over 7 Years

Detailed Experience & Expertise

  • Application Security
    • Web application security assessment.
    • Knowledge of OWASP testing, business logic testing.
    • Business-Logic based application testing.
    • Knowledge of other penetration testing standards such as WASC, CWE, NIST and SANS Mobile Application Security
    • Well versed with OWASP Mobile Top Ten
    • Experience in Mobile Penetration Testing platforms-based applications.
  • Source Code Review
    • Knowledge of Checkmarx, HP Fortify and another free tool
    • Performed code review of Java, .NET and Objective-C based applications and iPad and PHP.
    • Automated scans using static source code analysis tool
    • Manual verification of issues obtained from the tool + verification of scan results + eliminating the false positives
    • Manual verification of vulnerabilities such as error handling, business-related vulnerabilities, organization's password policy, etc.
  • Programming Languages
    • Java (J2SE and J2EE)
    • .NET (ASP.NET MVC)
    • Programming in C, C++, C#, PHP
    • Programming in Python and shell script
    • Well versed in web technology languages


  • Modelling Language
    • UML
  • DBMS and RDBMS
    • SQL Server 2012
    • Oracle 11g
    • MySQL
    • MongoDB
  • Additional Experience
    • Development on .NET Framework
    • Development in PHP
    • Development in Java
    • Development of Android applications


Interpersonal Skills

  • Good communication skills from public speaking and corporate training.
  • Experience in project management, and client interactions.
  • Experience in dealing with senior and middle management, system administrators, auditors, business partners, clients, customers, employees, etc.


Research and Development

  • Database security with hardening system for MS SQL, MySQL and Oracle.
  • Secure coding in C#.NET, Java, PHP and Python


Technical Skills

  • Operating Systems: Windows, Linux, Unix
  • Databases: Oracle, MS SQL Server, MySQL, MongoDB



Live Experience

  • She has experience handling WAPT, source code review, DBMS security review and application process review activities.
  • She has experience in black box, grey box and white box testing.
  • She has experience of source code review activities, having worked on .NET web application, Java, Objective-C and PHP.



Trainings

She has experience with the following technologies as a Trainer.

  • OWASP based Penetration Testing
  • Secure coding and Web application Security
  • Secure Coding on Mobile Application Android and iOS
  • Database Security Auditing (MS SQL Server 2012, Oracle 11g, MySQL, MongoDB)
  • Training for shell scripting and Python
  • Web Application Penetration Testing
  • Secure coding on .NET
  • Secure coding on Java
  • Secure coding on PHP

Corporate training topics she has conducted

  • Secure Coding on .NET and Java
  • Secure coding on PHP
  • Security hardening of MSSQL, MYSQL and Oracle
  • Web Application Penetration Testing (WAPT)
  • Certified Web Application Security Professional
  • Source Code Review on Java, .NET, Python and PHP
  • Source Code Review on Checkmarx
  • Implementation of Aadhaar authentication and configuration.
  • Mobile testing on Android & iOS Device
  • Secure Coding on Mobile Application Android and iOS
  • Web Server Secure Configuration/Secure hardening


Training Delivered

Some of the recent client trainings delivered by her

  • Ernst & Young
  • Qualcomm Wireless Technology and innovation Mobile Technology
  • Bharat Petroleum Pvt.Ltd (BPCL)
  • Air Force Station Madh Island
  • GCO TECHNOLOGY CENTER PVT LTD
  • UPL
  • JBSolution Jain Bhavesh Solutions
  • RSAM Technology
  • BCPL (Brahmaputra Cracker and Polymer Limited)
  • AGS transact technologies ltd
  • NICE System Ltd
  • Accelya Kale Solution
  • Air Force Station