About

Yatendra Sarswat is a highly experienced Senior Security Operations Engineer with over 7 years of experience in the field of information security. He has extensive experience in performing security assessments according to OWASP, SANS, and CWE standards, as well as source code review on Checkmarx. Yatendra has worked in various fields of information security, including web, mobile application, cloud applications, API, and thick client application security penetration testing. He has worked across banking and product-based environments and is proficient in using proxy tools like Burpsuite and Fiddler. He has the ability to run security scanning tools like IBM Apscan, Burpsuite, Acunetix, Echo Mirage, and perform static application security testing (SAST) and dynamic application security testing (DAST) & Interactive Application Security Testing (IAST). Yatendra is familiar with OWASP, SANS, CWE, InfoSec Institute, and WASC standards and has won client appreciations on many occasions while working on various long-term projects at different client sites like ICICI Bank and Axis Bank Mumbai. He is a team leader, mentor, security researcher, and provides corporate security training. He has successfully completed a project on security tool development and actively reports critical vulnerabilities to various organizations to secure the internet. Yatendra holds a Master of Computer Application and a Bachelor of Computer Application degree. He is also certified in OSCP and CEHv9 (EC-Council) and Linux Redhat. Currently, he is working as a Senior Security Operations Engineer at Jumio Corporation, where he is helping the team design secure products by performing Threat Modelling and Architecture Reviews. He is defining pentesting practices like penetration testing vulnerability assessment process, methodology, reporting guidelines, SLA, etc. He is also performing regular security assessments on AWS and designing CI/CD pipelines to automate secrets scanning/SAST/SCA/DAST solutions.