User:Rishi

10+ years of experience in application security. Experience includes consulting and research on vulnerabilities, malware, protocol analysis, evolving attack vectors and signature development for WAF, network & host based IDS/IPS products.

Authored the following articles: - Pen testing – What should you look for? (June 2011) – PenTest Magazine [Cover Page Story] - Trust Pen testing Team. Do you? (Sep 2011) – PenTest Magazine - Web Session Management – reality is a nightmare! (Dec 2011) – PenTest Magazine (Web Applications) - Dive into PA DSS (Dec 2011) – PenTest Standards - Anatomy of Attack Detection, Without Data! (Dec 2011) – PenTest Magazine (Extra)

Speaker: NullCon Goa 2013, OWASP (Mumbai Chapter), Null Meets (Delhi Chapter), Bangalore Cyber Security Summit and eSurakshit.

Public Disclosures: Vulnerability in a travel VISA processing website, PayTM, Kotak Mahindra Bank, LinkedIn, Twitter, Yahoo and first Google Chrome DOS POC.