TCS RIO-210: Advanced Dynamic Application Security Testing to Find Defects in Web Applications.

210 Hours Internship at Tata Consultancy Services.

Project Outcome:
In this project, I have learnt about various kinds of techniques that hackers use to compromise web applications and also learnt about how to secure them.

Learnings:
I have learnt about many types of vulnerabilities found in web applications, most common of them being.

• Injection Attacks
• Broken Authentication Attacks
• Sensitive Data Exposure
• XML External Entities
• Broken Access Control
• Security Misconfiguration
• Cross Site Scripting
• Insecure Deserialization
• Using Components with Known Vulnerabilities
• Insufficient Logging and Monitoring

In this internship, I have learnt about OWASP Top 10.

OWASP represents the Open Web Application Security Project, an online network that produces articles, strategies, documentation, instruments, and innovations in the field of web application security.

OWASP Top 10 is the rundown of the 10 most popular web application weaknesses. It additionally shows their dangers, effects, and countermeasures. Refreshed each three to four years, the most recent OWASP weaknesses list was discharged in 2018.

During this internship I also found out about the contrasts among DAST and SAST. I am confident about how the SAST and DAST types of testing works.

 Refer the project file for complete in-depth information.

TCS Internship Certificate

Shaswat advanced dynamic web application testing certificate

TCS Internship Project Report

Project Report PDF