Summary:


Utkarsh is currently employed as a Security Engineer at Traveloka, an Indonesian unicorn company that provides airline ticketing and hotel booking services online with the focus on domestic travel. He has started and delivered more than 250+ projects individually. Dedicated to the security community, he is continuously involved in Bug Bounty programs with recognition from Google, Bugcrowd, Portswigger, Cobalt, etc and writing articles related to the info sec.


Detailed Experience & Expertise:

1) Application Security

  • In-depth knowledge of OWASP Top 10, SANS Top 25

  • Skilled in performing vulnerability assessment & penetration tests on a wide range of platforms

  • Expertise of intranet applications, internet application security testing of more than 50+ applications like NetBanking, Payment Gateway, E-Commerce applications, etc

  • Security testing of applications developed in ASP.net, JSP, PHP etc

  • Worked along with developers to fix the identified vulnerabilities

  • Business-Logic based application security testing

  • Review of the web application secure SDLC process

  • Well versed with DevSecOps

2) Network Security

  • Hands on experience with tools used in performing network assessment.

  • In-depth knowledge of Networking fundamentals

  • Worked in security for a wide range of operating systems, databases, web servers, mail servers and applications

  • Experience with an extensive range of security systems and solutions  

3) Mobile Application Security

  • Well versed with Mobile-OWASP top 10 .

  • Tested over 10 mobile applications relating to NetBanking , Insurance , Sales management and payment applications.

  • Well versed with both virtual and on-device application security testing.

4) Source Code Review

  • Knowledge of Checkmarx, VisualCodeGrepper

  • Performed the code review of applications developed in different languages.

  • Manual Verification of issues obtained from the tool

  • Verification of scan results

  • Eliminating the false positive

  • Manual verification of the vulnerabilities such as error handling, business related vulnerabilities, organization’s password policy etc.

Technical Skills:

He has had an exposure to a variety of different applications and network environments which has helped him to enhance his technical skills.

  • Operating Systems: Windows, Linux

  • Servers: FTP, Web servers (Apache, IIS)

  • Databases:MySQL, MS SQL Server

  • Security Tools: Burp suite, Nmap, SQLMap, Wireshark, Fiddler, Firebug, Nessus, Winhex, Nikto, Metasploit, Netcat. Also comfortable with the Kali pentesting OS.

  • Scanners: Acunetix, Netsparker, Qualys

  • Languages: C, JAVA, ASP.NET using C#, Scripting(Python)

  • He has participated in several Bugbounty programs and was acknowledged and rewarded by Google, Heroku, Cobalt, Bugcrowd, BountyFactory, SplashID, PortSwigger, Flexlists, Issuu, Humble Bundle etc. for reporting bugs in their applications.

  • Researching and learning about new advance attack methods.

  • Has written articles related to InfoSec on Linkedin.

Interpersonal Skills:

  • Have good communication skills.

  • Experience in handling projects individually and in a team. Delivering more than what is expected and before timelines

  • Requirement handling.

  • Confident in working from C-level executives to senior and middle management, system administrators, auditors, business partners, clients, customers, employees, etc.

Professional ​
Information​​
Skills

Web Application Development

Web Application VAPT

Network VAPT

Android & IOS Testing

API Testing

Blackbox Testing

Red Team Assessment

Vishing

Phishing

DevSecOps

 

Languages

HTML/CSS/JAVASCRIPT

C

ASP.NET using C#

Python

 

Traveloka

​May 2019 - Till Now

Network Intelligence India

​April 2017 - April 2019

Torrid Networks Private Limited

​June 2016 - March 2017

Techdefence Labs

​June 2015 - July 2015

(Internship cum Training)

HPES

June 2014 - July 2014

(Summer Training)

Career
Summary
Education
Dr. A.P.J. Abdul Kalam Technical University

​2012 - 2016 (B. Tech in CSE)

St. Thomas School

​2008 - 2012 (High School & Intermediate)

Follow me

© 2019 by Utkarsh Tiwari.

Call

M: +919xxxxxxxx6

  • Facebook Clean
  • Twitter Clean
  • White Google+ Icon
  • White LinkedIn Icon
  • White Blogger Icon