SPV Reddy

offensive Security

   ●  Offensive Security Certified Professional (OSCP)

   ●  Synack Red Team Member (SRT)

Web Application Security

Android Application Security

iOS Application Security

Network Security

API & WebSockets Security

Wireless Security

Software Defined Radio Security

DevSecOps Implementation

Vulnerability Management

Corporate Security Trainings

PHP & WordPress Development

Public Speaking

• Working as Product Security Engineer in CISCO Systems from March 2016 Handling Vulnerability Assessment and Penetration Testing for more than 60 unique applications.
  

• Leading a Team of 2 Members and scheduling Security Assessments and responsible for Security Delivery.
  

• Good knowledge on various Security standards,methodology and compliances like OWASP TOP10, SANS 25, PTES, OSSTM, PCI-DSS.
  

• Experience in performing application security assessments and Penetration Testing on Web Applications, Mobile Applications, API’s and Web Sockets.
  

• Interact with Internal Development teams and help them for bug fixing.
  

• Had good experience on Vulnerability Assessment, Penetration Testing, SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) tools.
  

• Perform Vulnerability Assessment and Penetration Testing on Web Applications, WAP Portals, API’s, Mobile Applications periodically and help dev teams to fix the issues.
  

• Provide Security Trainings to Internal Development Teams on secure coding to avoiding vulnerabilities.
  

• Good knowledge on exploiting RFID and NFC devices.
  

• Interact with third party Security Firms and revalidate the issues raised by them on products.
  

• Knowledge on PHP Development and used to develop dashboards for tracking vulnerabilities raised in Manual and Automated Assessments.
  

• Created a Checklist for WebApplication Pentest covering more than 100 Vulnerabilities and execute them while penetration testing along with OWASP TOP 10.
  

• Designed a Security Score card and released it as Open Source,where any company can evaluate score of their product which generates rating automatically.
  

• Developed a dashboard for tracking all the Vulnerabilities raised in the Vulnerability Assessment and Penetration Testing bug fixing and scheduling the periodical scans.
  

Acunetix, Qualys Guard, BurpSuite Pro, 
IBM AppScan, Teenable Nessuss, Veracode

OWASP ZAP, IronWASP, SSLLabs, MobSF, WPScan,
 Nikto, SQLMap, Open Vas, Vega SubGraph

Metasploit Framework, Santoku OS, BurpSuite Pro,
 Xposed Framework, Xenotix,  Hackbar, Hydra

Nmap, Zenmap, Wapalyzer, Exploit DB, 
Sparta Tool, maltego

Dirbuster, Recon-ng, Sublist3r

ApkTool, Dex2Jar, JD-GUI

INDIAN CYBER CONFERENCE - Sep 29 2018 (Sri Vidhyanikethan - Tirupathi)

   ●  Mobile Spyware

   ●  Mobile Ransomware

NATIONAL CYBER SAFETY AND SECURITY STANDARDS - June 24 2018 (RRMCH - Banglore)

   ●  Panel Discussion Member

   ●  Real Time Cyber Attacks & Preventive Measures

NATIONAL CYBER DEFENSE RESEARCH CENTRE - June 23 2018 (RRMCH - Banglore)

   ●  Web Application Attacks

   ●  Mobile Ransomware

   ●  Secure SDLC in Product Based Companies

NATIONAL CYBER SAFETY AND SECURITY STANDARDS - Feb 25 2018 (Anna University - Chennai)

   ●  Mobile Applicaiton Security Tools & Methodologies

   ●  Exploiting API Security Flaws in Mobile Apps

Open Web Application Security Project(OWASP HYD CHAPTER) - Feb 03 2018 (CoMakeIT - Hyderabad)

   ●  Mobile Application Penetration Testing

   ●  Demo on Exploiting Mobile Applicaiton Flaws

NATIONAL INFORMATION SECURITY SUMMIT - Sep 25 2017 (Amity University - LUCKNOW)

   ●  Implementing Security Automation (DevSecOps)

   ●  Introduction:-Carrier in Cyber Security for noobs

HACKERS DAY INTERNATIONAL INFOSEC CONFERENCE(CHAPTER MEET) - April 13 2017 (Hyderabad)

   ●  Penetration Testing Methologies and Tools

   ●  Bypassing Web Application Firewall

TRAINININGS TO INTERNAL DEVELOPMENT TEAMS

WEBINARS & Streaming