3 PEAT
GigaOm Names Cobalt an “Outperformer” for Third Consecutive Year in Annual Radar Report for PTaaS.
3 PEAT
GigaOm Names Cobalt an “Outperformer” for Third Consecutive Year in Annual Radar Report for PTaaS.

2023 Q1 Pentester of the Quarter: Sanyam Chawla

Congratulations to Sanyam Chawla for winning the Pentester of the Quarter Award for Q1. Sanyam was nominated by his peers due to being a great teammate and leader in the Core.

Happy 2023! We are so excited to announce that our first Cobalt Core Pentester of the Quarter is Sanyam Chawla! Sanyam has been a part of the Core since March 2021 and received high praise from his fellow Core members. Sanyam has been in cybersecurity for over five years and works as a Senior Security Engineer. He is CREST certified and holds numerous other certificates, such as OSCP and CPSA. 

Words from Sanyam

First of all, I would like to extend my gratitude for this reward. It is an honor to be recognized for my work as a Pentester of the Quarter, and I am grateful to have the opportunity to contribute to this field.

I want to thank my peers, leads, and the Cobalt family for their support and guidance. Without their help and encouragement, I would not have been able to achieve this recognition.

I am also grateful to my family for their support and understanding of the time and effort that goes into this work.

I am excited to continue my work as a pentester and use this award to motivate me to new heights and aspire to be a Lead someday.

Thank you again for this honor. It means a great deal to me.

The following are some of the tips/pointers I would like to convey to someone who wants to be successful as a Core Pentester:

  1. Building a strong foundation in cybersecurity is a must. One should focus on understanding key concepts within computer science and networking, such as how systems and networks work, what threats exist, etc. Staying up-to-date with the latest tools and technologies will help one be more effective in testing, identifying, and exploiting vulnerabilities that others may not know about.

  2. One should practice independently by participating in online challenges and capture the flag (CTF) events. This will not only help one in getting hands-on experience but will also help in honing their skills to achieve industry-recognized certifications such as Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OSWE), Certified Red Team Professional (CRTP), SANS certification. These certifications will demonstrate one's knowledge and skills as a core pentester.

  3. Communication skills are very important as one may be required to explain technical concepts to non-technical stakeholders or present their findings and recommendations to clients. These skills will not only help with the above but will also help build a strong network and relationships with other professionals in the cybersecurity field.

  4. As a pentester, it is important to act with integrity and respect the privacy and security of the systems and networks you are testing. Hence, always be ethical and follow the rules and guidelines your employer or client sets. Also, don't be afraid to ask for help or seek additional resources when needed. It's okay to admit when you don't know something and to seek the resources you need to learn.

  5. Time management and organizational skills are important to take on extra responsibilities or seek additional training or education to improve your skills. This can help you stand out in the field and make you more valuable to potential employers or clients.

  6. Working with a mentor or joining a community of like-minded professionals adds great value to your profile. A mentor can provide guidance and support as you navigate your career; a community can be a great source of knowledge and support. Some examples of communities that can help are OWASP, null community, etc.

  7. Be a risk taker and try new things. As a pentester, you need to be confident and willing to think outside the box and try new approaches to solve problems. This can help you discover new vulnerabilities and find creative solutions for them.


 

What the Core has to say about Sanyam Chawla

 

Why are you nominating Sanyam? 

"He helped me during the initial days getting into the cyber security industry and pentesting."

"I would like to nominate him for his dedication and hard work, which I have seen in him during his CREST Certification preparation. He left no stone unturned and finally achieved his goal."

"Worked with Sanyam in the past. He is a very professional and technically strong person. He approached me while we were working on the project for collaboration, and he shared some useful data for testing, which shows his teamwork."

"I have had the opportunity to work with Sanyam on several projects in the past and have consistently been impressed with his technical skills. He has a strong understanding of Network and Web. He applies this knowledge effectively to solve problems and complete tasks."

"I really appreciate Sanyam Chawla's dedication to the team. His hard work and commitment to excellence are evident in everything, and it's a pleasure to work with Sanyam Chawla."

"He has great technical skills, done many things for the community. Rocked it overall."

"Sanyam is a great pentester, and I have been impressed with his technical skills and attention to detail."

What have you learned from Sanyam?

"I have learned a lot from him on the technical front as well as the way he delivers his updates which helped me to work upon mine."

"He is very knowledgeable. I learned a lot of new things related to network pen-testing."

"I have learned things like how to write good reports and try to escalate the finding to show the better impact of the finding."

"I have learned with Sanyam a couple of new recon techniques and attacks related to XSS and SSRF. He was able to bypass WAF and execute XSS."

"The willingness to continuously learn and stay up-to-date on industry developments"

 

 

 

Back to Blog
About Shelby Matthews
Shelby Matthews is a Community Content Associate at Cobalt. She works to empower the Cobalt Core of professional pentesters, by providing them with a platform to produce content and showcase their expertise. She graduated from the University of Missouri with a degree in Journalism and uses it to bring the Cobalt Core's stories to life. More By Shelby Matthews
Pentester of the Quarter: Sunil Kande
Sunil Kande is Cobalt's Pentester of the Quarter! Sunil was selected by his peers as someone they enjoy working with who has expert technical skills.
Blog
Jul 1, 2022
Pentester Spotlight: Goonjeta Malhotra
“Pentesting allowed me to challenge my skills and knowledge, to think of creative ways to exploit and identify vulnerabilities, and always to find ways to improve security posture." That's what Core Pentester Goonjeta Malhotra said about her journey into pentesting. Learn more about Goonjeta in here Pentester Spotlight.
Blog
Feb 23, 2023
Pentester Spotlight: Armaan Pathan
Armaan Pathan, a passionate cybersecurity professional, joined Cobalt's Core team in 2019 after being involved with the company during its bug bounty program phase. With a focus on identifying security flaws rather than building applications, Armaan has extensive experience in penetration testing and web application testing. He is dedicated to continuous learning, staying ahead of emerging threats, and providing comprehensive reports and strategic recommendations to clients.
Blog
Jun 29, 2023