TY  - BOOK
AU  - Ubais P K(93613035)
TI  - Application and Infrastructure security assessments
KW  - SECURITY AND PRIVACY
KW  - NETWORK SECURITY
N2  - This report is to describe about internship done at Ernst & Young Information security team in order to give support for clients/companies who are suffering from or afraid of unauthorized access to their network by exploiting vulnerabilities. The major work that has to be done is to identify those vulnerabilities in networks and web applications, and hence suggest mitigation.
The team provides various service in information security field in order to provide support and mitigation for their client infrastructure and applications. They are listed below
1.	Network vulnerability assessment.
Network appliances like firewalls, VOIP devices, Server machines, etc. are scanned for vulnerabilities and tries to exploit them in order to make report.
2.	Application penetration testing.
Web applications and mobile applications are scanned for vulnerabilities and exploit them to compromise server machines and reporting it
3.	Source code review.
The application source codes provided by client reviewed in aspects of an information security analyst.
4.	Security reviews.
The server configurations like rot permissions, password policies are pulled out from machine and getting audited as per information security standards and policies

ER  -