Ashok Mandalapu

• During the tenure with HIREDAPT i have worked on various application to do manual testing and Vulnerability Assessment and Penetration Testing to check the flaws in the Application in accordance with OWASP TOP10 project standards.
• Streamlined incident response processes, reducing the time taken to mitigate potential threats effectively.
• Enhanced application security by conducting thorough vulnerability assessments and penetration testing.
• Designed and executed comprehensive security training programs for developers, fostering a security-conscious culture within the organization.

• During the tenure with TXM most of the worked on vulnerability assessment and penetration testing of web Application security and APIs by following the OWASP Top10 Standards.
• Managed timely resolution of identified vulnerabilities through effective collaboration with both internal teams and external vendors.
• Streamlined incident response processes, reducing the time taken to mitigate potential threats effectively.
• Evaluated third-party tools and services to bolster network and application defences proactively.
• Established strong working relationships with stakeholders at all levels within the organization, promoting open communication channels around application security concerns as needed.

During the tenure with Aujas Networks pvt ltd i have worked as security consultant and focused on these below.

• OWASP Top 10 Issues identifications like SQL Injection, XSS, Session management
• Conducted research, mitigation, and coordination of actions designed to reduce information security risk across internet facing presence.
• Providing details of the issues identified and the remediation plan to the stake holders
• Identification of different vulnerabilities of applications by using proxies like Burp suite to validate the server-side validations.
• Helped in Training the development team on the secure coding practices.
• Execute and craft different payloads to attack he system to execute XSS and different attacks.
• SQL Map to dump the database data to the local folder.
• Identified issues on sessions management, Input validations, output encoding,Logging, Exceptions, Cookie attributes, encryption, Privilege escalations.
• Ensure the issues identified are reported as per the reporting standards.
• Provide the report and explain the issues to the development team.
• Implement security solutions according to Security Policy and Practices established by the Client.
• Burp suite, Dirbuster and IBM Appscan tools on daily basis to complete the assessments.
• Identified issues on sessions management, Input validations, output encoding, Logging, Exceptions, Cookie attributes, Encryption, Privilege escalations.
• Instructed application team in secure programming during all phases of application lifecycle (SDLC) based on OWASP standards

During the internship, I was involved in front end development for a non-profit organization project called sarascare.org.

• As an intern, I was worked on the developing the user interfaces using HTML for coding and CSS for designing and styling the webpages and JavaScript for the implementing the interactive features, handling user inputs and to manage the data flow on client side.
• Using the CSS, I have checked the optimizing performance of the pages that were implemented on the website.
• I have tested the web application and ensuring the application works consistently across different browsers
• Worked on integrating the APIs to fetch the data from back-end services by using AJAX, Fetch API
• Parsing and displaying the data in the UI to ensure seamless integration between Front-end and Back-end
• I have involved in debugging and testing of the application to identify and fixing the bugs and also check the performance of the application.
• Involved in writing the clear and comprehensive documentation for code and APIs
• Worked with product manager to understand and refine the whole application requirements.