Team

Experience & Activities

Mr. Ashish Nainwal is a seasoned cybersecurity professional with over 16 years of extensive experience in areas like Application Security, Penetration Testing, Threat Modelling, Risk Management, Vulnerability Management, Test Team Management, Secure Code Reviews, Functional Testing, and Project Management. He has played an active role in performing offensive penetration testing for web applications in line with OWASP Top 10 principles. He has overseen comprehensive end-to-end test management, encompassing careful planning, risk evaluation, issue resolution, and effective governance. He has also taken proactive measures to ensure the utmost quality of all delivery-related materials, identifying gaps and eliminating redundancies. Ashish’s expertise revolves around security methodologies including OWASP, NIST SP 800-115, and ISO 27000. He possesses a profound comprehension of security tools, processes, and procedures, ranging from meticulous test planning to the development of precise test cases and the proficient management of vulnerabilities. This includes executing Threat Modelling and Threat Profiling, along with adeptly handling risks and vulnerabilities. He takes the lead in mentoring a team of application security researchers, providing valuable security guidance to both product and development teams. He has been instrumental in producing comprehensive pen test assessment reports that effectively convey the engagement’s scope, risks, and recommended remediation strategies, tailored for both technical and managerial audiences. Ashish’s remarkable skill lies in bridging the gap between technical teams and executive-level professionals, articulating pertinent testing results and findings with clarity and precision. As a pivotal stakeholder and advisor, he makes a significant contribution to project and program delivery.