Pratik has been with NotSoSecure since 2017 and has worked on security issues with a broad range of clients, including major banking, finance, and media companies. His work involves network and application Penetration Testing and red team assessments. He also manages a small team performing Penetration Testing for internal, external, and Cloud network infrastructure and web
applications. Another part of his job involves training as a contributor to NotSoSecure’s Advanced Infrastructure Hacking course and for the past year delivering training courses
Pratik is an information security enthusiast with a strong interest in infrastructure Penetration Testing and web application security assessments, which has led to extensive Penetration Testing experience for Fortune 500 companies involving web applications, networks, Infra and Red Teamwork. He holds a Bachelor of Engineering (BE) degree in Computer Science from Pune University and a number of international certifications. As a student, Pratik took part in Bug Bounty programmes and over the years has reported multiple vulnerabilities through HackerOne, Synack Red Team and Cobalt Core. He has also contributed in Metasploit exploit development (written exploit for Windows local privilege escalation). In 2017, he was credited with the identification of a particular vulnerability involving unwanted actions on a wireless router (CVE-2017-7398).
Course content contributor and trainer for NotSoSecure’s Infrastructure Hacking, Web Hacking, Art of Hacking and Hacking 101 courses. Pratik has delivered training at Black Hat and other leading global Security conferences.
The sheer breadth of Information Security is one of the main things that motivates Pratik in his day-to-day work. This means not only having a deep understanding of many aspects of security but also the necessary processes that need to be set up in order to make a client’s IT environment secure. This is by far one of the greatest motivators in his work: the identification of a system’s vulnerabilities further to the application of various Penetration Testing techniques and generally “thinking outside of the box” with the ultimate objective of creating the most secure possible environment.