Jyoti Raval

Staff Product Security Engineer, Harness

Profile

- Author of Phishing Simulation and MPT: Pentest in Action
- Presented at InfosecGirls, Nullcon, Defcon27, Blackhat Asia, HITB Singapore, OWASP NZ, Shecurity, Defcon32, Blackhat London.
- OWASP Pune chapter leader
- Transformational cybersecurity leader driving product security excellence and innovation.
- Expertise in developing and executing comprehensive security strategies, collaborating with cross-functional teams, enabling business growth.
- Discovered CVE-2019-11016, CVE-2019-20225, CVE-2020-22842 | Elgg, MyBB Hall of Fame.
- GenAI security SteerCo
- Product security strategy and governance
- Making Product Secure end-to-end
- Passionate about building secure products
- Product security scorecard and matrix
- Researched improvements to DAST (Dynamic Application Security Testing) methodology.
- Dynamic and result-oriented security leader with experience across different dimensions of cyber security.
- Threat Modeling, Software supply chain security, Software composition analysis, Configuration Review, Secure Source Code Review, Vulnerability Assessment & Penetration Testing for Infrastructure, Web application and Mobile / Thick client application for Android, Windows and iOS.
- Proficient in advanced attack techniques: Red Team Assessment, including activities such as physical security assessment using social engineering techniques and phishing campaigns.
- Developed tools to conceptualize various cyber security techniques.
- Assisting customers in achieving success in their application security programs.
- Authored blogs at Qualys, Harness
- https://github.com/jenyraval/Phishing-Simulation
- https://www.defcon.org/html/defcon-27/dc-27-demolabs.html#Phishing%20Simulation
- https://www.blackhat.com/asia-20/arsenal/schedule/index.html#phishing-simulation-assessment-18906
- https://conference.hitb.org/hitbsecconf2022sin/session/mpt-pentest-in-action/
- https://blog.qualys.com/news/2019/12/11/cve-2019-11016-open-redirect-vulnerability
- https://blog.qualys.com/vulnerabilities-threat-research/2021/10/27/apache-tomcat-http-request-smuggling-vulnerability-cve-2021-33037
- https://www.harness.io/blog/harness-api-testing-methodology
- https://www.harness.io/blog/the-threat-modeling-process
- https://defcon.org/html/defcon-32/dc-32-demolabs.html#54195