Alex Rajan
Alex Rajan works as an Information Security Analyst at NII. He has carried out Vulnerability Assessments and Penetration Tests for Web Applications and Networks. He has good understanding of cloud application security. He has handled projects in Banking, Insurance and Trading sectors. He also provides training with Institute of Information Security (IIS) – the training arm of NII. He is an active member and a speaker at Nullcon (Mumbai Chapter). Mayank Kapoor
Mayank Kapoor works as an Information Security Analyst at NII. He has carried out Vulnerability Assessments and Penetration Tests for Web Applications and Networks. He is also work with product like Fortify(Source Code Audit Tool). Also familiar with product like WebInspect, IBM AppScan.
He has delivered trainings and workshop across India.
Public Speaker – Delivered talk on Information security awareness in various colleges of Punjab (India)
He has published exploits and bugs on exploit-db, packetstorm, securityfocus, osvdb and has over 50 bug bounties to their credit. Facebook, Barracuda, Yahoo, Twitter, Ebay, Microsoft, Nokia *Top Reporter*, Adobe, Linkedin, AT&T and Sony are just some of the high profile organizations they have found major security vulnerabilities in. His article is published in Pentest Magazine.
Shrikant Antre
Shrikant Antre is Team Leader of Security Assessment team at Network Intelligence India. He works as a part of the security assessment team, conducting vulnerability assessment, penetration testing for various engagements and premier clients of NII.
He is an active member of null (Open Security Community) and PLUG (Pune Linux User Group) like forums contributing his knowledge to the community. He has also handled some challenging projects at NII, which includes tasks like Network Security, Web Application Risk Assessment, Thread Modeling, Source Code Review, Social Engineering, Banking and Trading application testing, Petrol Pump Machine Risk Assessment.
He likes to keep himself involved in learning attacks and finding out the fixes for them along with new tools and technologies, which allow him to conduct in-depth testing of applications during a penetration testing exercise and also provide solution concentrating on Defense-in-Depth.
He has delivered various talks on Information Security concepts and fundamentals at places like NULL. He is a resource person for Computer Society of India (C.S.I.). He has also found ZERO-DAY Vulnerability in Oracle PeopleSoft HRMS Product. (CVE 2012 - 1695)
Vinesh Redkar
Vinesh Redkar works as an Information Security Cosultant at NII. He is certified Offensive Security Certified Professional.
His goal is to achieve highest level of Quality and Information Security certification for organization to enhance customer satisfaction and to achieve his organization’s business goals and objectives, along with his own professional growth and self-satisfaction.
He has also handled some challenging projects at NII, which includes tasks Web Applications security, Secure Source Code review (JAVA, ASP.NET), Networks Security, Thick Client Application and Mobile Application Testing. He also has expertise in Wireless Assessment.
He is also work with Source Code Audit product like Checkmarx, Fortify and Armorize Code Secure. Also, familiar with product like CyberArk, MobileIron and GFI Languard.
CVE Details:
Oracle Critical Patch Update Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.php
http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/1841215.xml
Oracle ilearning and education Product: CVE-2013-5822, CVE-2005-3352 – Oracle
Certification Achieved:
- OSCP (Offensive Security Computer Professional) MobileIron Certified
- Checkmarx Training attendant Cert.
- CISC (by IIS)
- Application Security
- Network Security
- Mobile Security
- Configuration Review Network Device
- Configuration Review System (OS, Database)
Kaustubh Padwad works as an Senior Security Analyst at NII. He has carried out Vulnerability Assessments and Penetration Tests for Web Applications and Networks Infrastructure. His expertise is in Technical Audits, VA/PT, Linux, scripting, SOC deployment, data processing and Log analysis, CEM Audits, IPS, IDS, and Web Application security. His areas of interest in the information security domain are: buffer overflows, exploitation, reverse engineering, shell scripting, building tools, malware analysis and intrusion detection. He is an active participant in theNull community.
You can find his disclosed vulnerabilities here: http://osvdb.org/creditees/14473-kaustubh-g-padwad
