Ukasha Ali

Cybersecurity Consultant 3

Conducting strategy-based Web Application Penetration Tests for Spreadshirt and their Partners. Creating Jira tickets for the vulnerabilities identified, elaboration on attack scenarios OWASP ZAP GitLab CI Integration, running Authenticated Baseline (Passive) and Full-scan (Active) scans to check for security vulnerabilities. Created Stages of pipeline to distinguish between the generation of reports and saving only the recent 4 artifacts with the help of Python script, for storage management.

Meeting clients to discuss and agree on the scope of Penetration testing Performing External Penetration tests on Network, Web applications, Mobile applications, and Thick Client Applications to find out the security vulnerabilities Discussing the identified vulnerabilities using the vulnerability icons (Threat, Impact, solutions) using the reports generated with the client's Technical team, Operations Manager or Vice President of the IT

Identify and evaluate all the criticalities in a system Plans as well as prepare detail practices and procedures that can be implemented to secure system Dynamic and Static Analysis of Web and Mobile applications, assisting in the resolution of identified vulnerabilities Checked misconfigurations and Vulnerabilities in the systems of different companies according to the current and respective OWASP’s top 10