Darshana Jaywant Bhoir
About Candidate
Proficient Security Analyst with 4+ years of experience in the field of cybersecurity. Skilled at detecting bugs in applications, analyzing security incidents, and planning and implementing security controls. Dedicated professional with an excellent work ethic and the ability to learn quickly and work well in a team. Strong desire to learn and master the field of security, seeking opportunities to contribute and grow professionally.
Education
Work & Experience
Roles & Responsibilities:
▪ Performed authentication bypass checks, account takeover, and database security testing with SQL queries with respect to the OWASP Top 10 list.
▪ Performed Threat Modelling using Microsoft Threat Modelling Tool using the STRIDE approach.
▪ Planned, conducted, and reported vulnerability and risk assessments to the project team and guided them towards remediation.
▪ Also performed SAST and DAST on various Java, Python and PHP applications using SonarQube, Burp Suite, Microsoft HCL AppScan, Fortify, Checkmarx and ZAP and made reports.
▪ Created and tracked security bugs by using Microsoft Team Foundation Server.
▪ Performed mobile application security checks, including Android, through the Checkmarx tool.
Roles & Responsibilities:
• Performed Checkmarx static application security tests and code review for our global clients.
• Provided software security support related to Checkmarx and remediation guidance to dev teams.
• Performed Automated Dynamic Scans and Manual Scans for Java and .NET applications using Burp Suite Professional.
• Performed IDS/IPS mitigation/response and vulnerability scanning through incident management support.
• Reviewed and analyzed vulnerabilities from the SCA report of Checkmarx to determine business impact and eliminate false positives.
• Reported the identified issues to development teams by creating security bugs and followed up on the fixes with the help of Microsoft Team Foundation Server.
• Implemented CIS L1 benchmarks on the application servers manually.
• Performed smoke testing on the software.
• Involved in preparation of all security auditing and reporting activities for the client meetings.