What are your favorite OWASP Top10 vulnerabilities?
Application Security Engineer Interview Questions
173 application security engineer interview questions shared by candidates
Know the various most common vulnerabilities
A lot, how do I do vulnerability management was one.
3. Techincal: They will ask about a certain vulnerability and then give you examples and ask you create a payload for this. They will also provide you with sample vulnerability reports and ask you to triage them with CVSS. There will be other scenarios like "If this happens, is this a vulnerability? and you will have to explain your answer" How DNS and other backend systems work. In short you will need deep and clear understanding of web applications working as well as vulnerabilities
Included chatting through CV, some technical questions relating to the role, some HR questions, and a technical exercise. The technical exercise was left open and allowed you to discuss the problems in front of you, which meant they were assessing your ability to do a job and have the right mindset rather than know specific technologies.
Secure design of a cloud based application, and finding security vulnerabilities.
One specific thing they asked was to perform a code review on a Java REST API. I had to identify a Mass Assignment vulnerability where an endpoint was binding request data directly to a persistence entity.
Why are you joining Fortis?
They did not ask anything.
Explain XSS.
Viewing 31 - 40 interview questions
See Interview Questions for Similar Jobs
Application Security ArchitectApplication Security AnalystApplication SecurityInformation Systems Security EngineerSoftware Security EngineerInformation Systems Security ManagerInformation Security ArchitectSenior Security EngineerSenior Security ArchitectInformation Security EngineerIt Security EngineerIt Security ArchitectIt Security ConsultantInformation Security ConsultantCyber Security ConsultantInformation Systems SecurityInformation Security ManagerSenior Information Security Engineer