Viswanath Addepalli

Software Engineer
Bangalore

Summary

IT professional with 4+ years of experience in Information Security in the areas of VAPT, vulnerability and patch management, infrastructure compliance, and Identity and Access Management. Hands-on experience in application security, vulnerability assessments and OWASP, along with different security testing tools.

Overview

5 years of professional experience
4 Certifications

Work History

Information Security Analyst

  • Involved in OWASP Top 10 based vulnerability assessment of various internet-facing point-of-sale web applications
  • Capable of identifying flaws like Injection, XSS, Insecure direct object reference, Security Misconfiguration, Sensitive data exposure, Functional level access control, CSRF, Unvalidated redirects
  • Experience in different web application security testing tools like Web Inspect, AppScan, Burp Suite, SQLmap, OWASP ZAP Proxy, Qualys Guard, Nessus
  • As a security consultant, involved in enhancing the security posture of the project through initiatives such as security awareness sessions
  • Simulated how an attacker would exploit the vulnerabilities identified during the dynamic analysis phase
  • Performed vulnerability assessments and configuration reviews for servers and desktops using Nessus.

Senior Member Technical

12.2019 - Current
  • White-box dynamic testing on client applications
  • Automated testing using the HP Web Inspect tool for web applications, and the Postman tool for web services
  • False positive analysis of automated tool results using Burp Suite
  • Manual assessment of client applications and report generation
  • Fine-tuning of tool configuration settings for critical applications
  • Follow up and ensure the closure of the raised vulnerabilities by revalidating and ensuring 100% Closure
  • Planning, Scheduling, tracking and reporting on manual/automated testing on the internet and intranet applications
  • Provided the development team with detailed reports based on the findings obtained from the manual and automated testing methodologies, and provided the necessary remediation for individual findings
  • Attended meetings with development team to discuss the previously submitted reports on the findings to ensure that the fixes are made to those applications
  • Performing manual/automated application security testing on the major changes carried out in the application
  • Identifying the Critical, High, Medium and Low vulnerabilities in the applications based on OWASP Top 10 and prioritizing them based on criticality
  • Identified issues in session management, input validation, logging, exceptions, cookie attributes, encryption and privilege escalation
  • Grey-box penetration testing on internet- and intranet-facing applications
  • Performed network security testing using Tenable Nessus and Nmap
  • Worked on server hardening (compliance) and vulnerability management
  • Crafted and executed different payloads to test the system for XSS and other attacks
  • Collaborating on cross-team and cross product technical issues with a variety of resources including development to document software defects and customer suggestions
  • Participate in documentation and product review process for new product introductions
  • Contributing to the knowledge base by authoring and editing articles to share current information with team members
  • Performing compliance scans for Unix, Windows, database, VMware and Citrix servers, web services scans for Apache, Tomcat, JBoss and IBM products, and scans of network devices like switches, routers, etc., using the Qualys Guard tool
  • Identifying and preparing the reports for non-compliant devices and following up with the respective owners.

Senior Member Technical

Broadridge Financial Solutions India Pvt Ltd
04.2019 - Current
  • Implemented process improvements to smooth development cycle and increase collaboration.
  • Developed new network hardware with advanced features and improved performance.
  • Designed robust improvements to vulnerability assessment by applying technical knowledge and incorporating changes from senior staff.
  • Created innovative solutions to meet changing market demands and future growth plans.

Project Engineer

06.2018 - 01.2019
  • Security assessment of online applications to identify vulnerabilities in different categories like input and data validation, authentication, authorization, auditing & logging
  • Vulnerability assessment of various web applications used in the organization using Burp Suite and HP Web Inspect
  • Coordinated with the development team to ensure closure of reported vulnerabilities by explaining the ease of exploitation and the impact of the issue
  • Good knowledge of IBM AppScan to enhance web application security
  • Kept up to date with new attack techniques and the latest vulnerabilities to ensure no such loopholes are present in the existing system
  • Follow up and ensure the closure of the raised vulnerabilities by revalidating and ensuring 100% Closure
  • Manual (DAST) security testing on the web applications against OWASP top 10 standards
  • Performed OS patching activity for Unix and Windows servers
  • Created remediation jobs for infrastructure vulnerabilities using scripts in the BladeLogic tool
  • Prepared monthly reports and uptime stats for all servers and workstations using SCCM
  • Scheduling weekly calls with server owners and following up on the vulnerability remediation efforts
  • Generating the latest vulnerability reports in the organization and segregating the vulnerabilities
  • Worked towards increasing the compliance percentage for the servers and reducing the vulnerability counts
  • Installing the DLP agents and SEP agents on workstations where they were missing, using the internal LSD tool
  • Onboarding the servers, providing access to users and fixing password issues using the CAPAM tool
  • Submitting rescan requests for remediated vulnerabilities that are still in open status.

Education

Bachelor of Technology

Acharya Nagarjuna University

Master of Business Administration

JNTU

Skills

Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging


Certification

Certified Ethical Hacker (CEH)
