Gaining Experiences and Building Connections: My Internship Journey at Appsecco
Me and the Internship
Greetings, readers. I am Abhishek Birdawade, a Computer Engineering student who recently concluded a six-month internship at Appsecco as a Security Engineer Intern. With a profound passion for Cyber Security, my primary objective was to acquire hands-on experience and expand my knowledge in order to excel in this field.
Throughout my internship tenure at Appsecco, I undertook a diverse range of projects and assignments, presenting both challenges and immense rewards. Today, I am thrilled to share my transformative journey with you.
Within this blog post, I will delve into my internship experience, reflecting upon the invaluable lessons learned, the honing of crucial skills, and the profound impact this experience had on my personal and professional development. It is my sincere hope that the insights I provide will prove beneficial to future interns and those seeking a deeper understanding of the dynamic realm of internships.
Landing an offer
Prior to embarking on my internship, I dedicated four years of my computer engineering studies to working as a part-time bug bounty hunter. At my college, it was mandatory for all students to undertake a six-month internship to gain practical experience in the industry. As the campus placement season commenced, I realized that no cyber security companies were participating in the process. Consequently, I anxiously began exploring job opportunities on LinkedIn, and that’s when I stumbled upon Appsecco page, which happened to be hiring for a Security Engineer Intern role. Filled with hope and faith in the universe, I submitted my application.
Surprisingly, I received a prompt response from the HR department. We engaged in a discussion about my keen interest in the internship position at Appsecco. On the same day, I was presented with an assessment in the form of multiple-choice questions. After successfully clearing the assessment, the next step involved an interview with the team lead, Swati Ma’am. As my first professional interview, I was understandably nervous, but Swati Ma’am ensured my comfort throughout the process. The interview proved to be an incredible learning experience, providing me with valuable insights into different facets of security testing from a highly skilled expert.
The subsequent round of interviews allowed me the privilege of interacting with none other than Riyaz Walikar (@riyazwalikar) himself. I never anticipated having the opportunity to engage with Riyaz so soon, and it was undoubtedly a fan-boy moment for me. The interview proved to be highly informative and insightful, with Riyaz delving into the “WHY” behind every aspect of security testing, rather than relying on questions that could be easily found on Google.
After a few days, I received another call from the HR department, notifying me of my selection for the internship position. I experienced a profound sense of relief and joy for two primary reasons: firstly, I secured an internship in the cyber security domain at Appsecco, and secondly, I would have the privilege of working directly under the guidance of Riyaz.
Did I mention that when I initially ventured into the field of Cyber Security in 2017–18, I used to learn from Riyaz’s YouTube talks, Medium blogs & book he wrote?
First day as a First-Time Intern
Amidst the mix of excitement and first-day nervousness, I received a warm welcome from the HR team, followed by a comprehensive orientation session. Without wasting any time, I had my first call with S.O Riyaz, and soon after, I was assigned my initial task.
The task at hand was to create a Wish-list outlining the areas I wished to explore and learn throughout the duration of the internship. My Wish-list encompassed the following:
1. Expanding my knowledge in Blockchain and Smart Contract hacking, with a specific focus on Solidity testing.
2. Gaining proficiency in Cloud security testing and management, with an emphasis on AWS and GCP in the later stages.
3. Acquiring expertise in desktop application testing methodologies.
4. Conducting code reviews for desktop applications.
5. Exploring the realm of browser extensions (add-ons) testing.
6. Enhancing my skills in iOS application testing.
7. Mastering the art of authoring professional reports.
8. Overcoming my tendency to procrastinate and utilizing my time effectively.
9. Acquiring proficiency in Docker and Kubernetes for security testing and deployment purposes.
This Wish-list served as a roadmap, outlining my aspirations and areas of focus during the internship.
Inside Look: A Day in the Life of an Intern
During a typical work-from-home day at the internship, I would commence my work promptly at 9:00 AM. If I had a specific task or assignment assigned to me, I would dedicate my time to it until 6:30 PM, with a one-hour break for lunch.
The tasks and assignments we received were intentionally designed to push us beyond our comfort zones and foster continuous learning. As individuals inclined towards hacking, our focus had typically been on breaking systems rather than developing applications. However, the most valuable lesson I gleaned from this internship was the importance of understanding the inner workings of a system before attempting to exploit its vulnerabilities. This mindset proved to be far more effective than relying solely on trial and error methods. By comprehending how something is created, we can more efficiently identify and exploit its weaknesses.
When it’s Friday!!!
As part of team bonding and fostering a positive work environment, we regularly organized Fun Friday meetings where we could unwind and connect with our colleagues. During my first Friday meet, I took the opportunity to introduce myself to the team, and it turned out to be an enjoyable experience for everyone involved.
During these gatherings, we engaged in virtual games that brought us closer together. Some of the games we played included “Guess the Movie,” “Guess the Song,” “Smash Karts car game,” “Krunker,” “Shellshock,” “Betrayal,” “Gartic phone,” and, of course, the all-time favorite “Skribbl.” In Skribbl, all 15 team members would attempt to defeat Riyaz, but he remained mostly undefeated, showcasing his exceptional skills.
In addition to the gaming sessions, we also had open discussions to enhance our work culture and provide a platform to freely address any issues that may have arisen. These conversations contributed to a more cohesive and supportive team dynamic.
How My Internship Taught Me to Make a Difference
Throughout my internship journey, I had the privilege of learning several valuable lessons that have significantly shaped my approach to security testing:
1. Build before breaking
Understanding the inner workings of a system and its technology is crucial before attempting to uncover vulnerabilities. By understanding the technology and functionalities, I can approach security testing more effectively.
2. The power of “why”
Investigating the underlying reasons behind vulnerabilities is a game-changer for security researchers. Knowing why something is vulnerable provides deeper insights and enables more effective mitigation strategies.
3. Believe in the process
Trusting in the process and believing in the work I’m doing has been instrumental in my growth. It has instilled confidence and helped me navigate challenges with resilience and determination.
4. The significance of mentorship
Having a mentor has been a cornerstone of my growth during the internship. Their guidance, expertise, and support have been invaluable in shaping my skills and fostering personal and professional development.
Implementing these lessons has transformed my approach to security testing. Rather than solely focusing on hacking my way into a system, I prioritize understanding the technology and its functionalities. This shift in mindset has not only yielded fruitful results but has also contributed to exponential growth throughout the six-month duration of my internship.
For those interested in joining an amazing team, I encourage you to keep an eye on Appsecco career page. It’s an opportunity to be a part of an incredible team and embark on an enriching journey.
Outro
I have a long journey ahead of me at Appsecco. I have just begun my cyber-security journey!
As you continue to grow and learn within the field, remember to stay curious, be proactive in seeking knowledge, and embrace opportunities for hands-on experience.
Best of luck on your exciting journey!
