Contractor Name, CAGE Code, DUNS
De Lune Corp.
Del. Schedule-Start/Completion Date
August 2022 – January 2023
Vulnerability and risk assessment on a system developed by USAID to disseminate agricultural knowledge and technology to farmers
Moodle Cloud Platform:
Conducted Vulnerability Analysis on Moodle Cloud Platform.
- Reviewed the current configurations of LMS (Moodle) against leading practices such as NIST 800-53, MITRE, OWASP etc
- Conducted Third Party Risk Assessments on Moodle Cloud Platform.
- Presented the evidence to the stakeholders and developed risk-based recommendations
Android Application Analysis:
- Phase One:
Reviewed the android application as an end-user.
Identified and executed relevant attack techniques/vectors that an adversary can leverage
Reversed engineered the APK application and analyzed API-based vulnerabilities.
Developed risk-based recommendations for hosted cloud applications and the android application.
Conducted API network traffic-based analysis and identified application vulnerabilities.
Presented the evidence to the stakeholders and developed risk-based recommendations
Reviewed the android application Source Code as developer.
Identified the attack vectors that can be leveraged for exploitation.
Conducted Back-End and Front-End application source code static analysis.
Documented and generate reports for identified Vulnerabilities, Security Hotpots, Bug Fixes and Misconfigurations
Developed risk-based recommendations and secure codes