The California Public Employees' Retirement System (CalPERS)
CalPERS manages pension and health benefits for more than 1.6 million California public employees, retirees, and their families. As of January 1, 2021, CalPERS managed the largest public pension fund in the United States, with $392.5 billion in assets at the end of the 2020 fiscal year.
For more information about the client, please visit California Public Employees’ Retirement System – CalPERS
- Performed Penetration Testing and Vulnerability Assessment in accordance with OWASP standards using manual techniques and automated tools.
- Performed in-depth assessment of Security Assessment Reports.
- Performed Vulnerability Assessment using Burp Suite.
- Identified common website security issues (CSRF, XSS, application logic, SQL injection, information leakage, session fixation, etc.) across various platforms using Burp Suite and validated them manually.
- Used SQLMap to dump the database data to the local folder.
- Collaborated with fellow analysts to develop and streamline operational guidelines and perform analytical support of security incident calls across the enterprise.
- Met with internal/external customers to analyze outputs from web application scans.
- Identified issues in session management, input validation, output encoding, logging, exception handling, cookie attributes, encryption, and privilege escalation.
- Held discussions with the development team on the most common vulnerabilities and common code review issues, and explained the remediation.
- Utilized various Firefox add-ons such as Flagfox, Live HTTP Headers, and Tamper Data to perform the pen test.
In working with Technology Crest Corporation, CalPERS was able to ensure its systems were secure. CalPERS leveraged the results of TCrest’s scans and penetration tests to reveal its vulnerabilities, expose the real risks they posed, and re-test them to ensure reliability.