By the end of the Internship, the candidate will be able to
Review at least one application in its entirety for security vulnerabilities.
The vulnerabilities in focus will be authentication bypass, authorization failures, session mismanagement, input and output validation, cryptography misuse and inaccurate logging.
The candidate will have completed code review and penetration testing on a large scale cloud based application. The tools and techniques learnt during the review can be used to evaluate most large scale products in the industry
The candidate will document, i) the methodology used to identify the security issues., ii) identify the bugs and vulnerabilities in the application, iii) note any systemic issues wide spread in the application.
The candidate should have completed
1. Course work in application development or operating systems or network programming
2. Course work in programming oriented courses like C, C++, C#, JAVA
3. Candidates with computer science or engineering focus are preferred
4. A passion for security – demonstrated by knowledge of recent security issues, articles read, course work taken