1. They come with a Python project and asked to identify bugs in the Python code. 2. They run the code and asked how you enumerate the application manually without using 3. nmap, dirbuster or any automation tool. 4. Explain the JSON interoperability attack. 5. Explain the dependency confusion attack. 6. Explain the printspool attack. 7. Explain how you can get RFI with only an LFI vulnerability in a PHP application. 8. Explain the deserialization attack. 9. Explain what checks you perform on a Windows machine to exploit a privilege escalation attack. 10. How will you perform pivoting attacks?
Application Security Engineer Interview Questions
173 application security engineer interview questions shared by candidates
Asked about my past experiences in work.
NDA, Can't share the interview question
What's the difference between IDS vs firewall? Talk about AWS security protections and best practices. How do you tune a firewall? What security frameworks do you use? Tell me about a time you received difficult feedback, and how did you handle it? How would you, personally, incorporate diversity practices into the workplace? Explain CSRF, CORS, SOP.
1. What's your experience with ___ tools? 2. Have you used ___ before?
A threat modelling case study. Actual developer-type interaction.
30% of the questions did not make any sense, like manually HTML encode the payload or how you perform XSS without any browser. A few questions were on mobile pentesting, and the answers he said at the end were wrong xd, later checked it on the internet.
What are you doing as an App Sec engineer in your company?
What is SQLi and how to mitigate it? What is XSS and how to mitigate it? Perform threat modeling on a smart home security system. Basic scripting with Python. What is insecure deserialization and how to fix it? What is SSRF and how to exploit it?
Describe which vulnerabilities you have most enjoyed exploiting in the past.