Threat model a login form, SOP, CORS etc
Application Security Engineer Interview Questions
461 application security engineer interview questions shared by candidates
Type of XSS triggered in a link? My answer: every type of XSS can be triggered via link
1. AWS S3 bucket safe configuration 2. How to detect email spoofing 3. AWS logging best practices 4. Scenario: how to mitigate unsafe secrets stored in a git repo 5. Write a Python script that parses addresses from a server log and queries them against some security API to scan them (VirusTotal, ...)
There were a bunch of technical questions regarding common application security topics - vulnerabilities, attack vectors, exploits, etc. There were also management and behavior-based questions.
What are you doing as an App Sec engineer in your company?
What are the test cases for a JWT token? What is the structure of a JWT token? Can you bypass the signature in a JWT token?
Can we get XSS in file upload functionality? What is frame busting and clickjacking?
The technical questions included designing some real life feature from a security perspective.
What have you done in the past?
About Current Job, About Wise Values, About Team. Basic recruitment team questions.