VAPT (vulnerability assessment/penetration testing)
|技術||:||VAPT (vulnerability assessment/penetration testing)|
|経験||:||5 - 8 Years Years|
5 to 8 years of total experience and out of which minimum 3 years relevant VAPT experience.
Comprehensive understanding of information security concepts.
Expertise in vulnerability assessment/penetration testing.
Expertise and experience of conducting vulnerability assessments as per standards such as OWASP Top 10, SANS Top 25 and WASC, NIST.
Knowledge of security assessment tools e.g. Nessus, Acunetix, Appscan, nmap, SAINT etc.
Hands on experience of developing exploits.
Hands on experience of using Operating systems preferably Linux / UNIX (IBM IAX, Sun Solaris, HP UX etc.) and network equipments.
Experience of identification and mitigation of vulnerabilities.
Ability to conduct vulnerability assessment and penetration testing of networks, web applications using automated and manual approach.
Hands-on experience with security tools Nessus, Burpsuite, Qualysguard, Netsparker, Acunetix, Metasploit, drozer, apktool, dex2jar, Checkmarx, AppScan, Fortify, Veracode, etc.
Good understanding of attacks such as dhcp starvation, dns spoofing, email spoofing, phishing, DOS, DDOS, ARP poisoning, XSS, CSRF, SQL Injection, XXE, etc.
Good knowledge of TCP/IP and other application and network level protocols.
Ability to provide remediation solution of vulnerabilities.
Expertise in security log review, analysis and correlation.
Thorough understanding of Application Security Concept (such as OWSAP,CWSS).
Good verbal and written communication.