Included chatting through CV, some technical questions relating to the role, some HR questions, and a technical exercise. The technical exercise was left open and allowed you to discuss the problems in front of you, which meant they were assessing your ability to do a job and have the right mindset rather than know specific technologies.
Secure design of a cloud based application, and finding security vulnerabilities.
What does Tyler Tech do? How do you keep up to date w development in the app sec space? What's your experience w cloud SaaS services Name a couple of OWASP top ten? Describe XSS, CSFR, sqli (FWIW should have said authZ/authN issues, pwd mgmt, access control)? Do you have any more questions about TT or the role?
Mobile app security web app security Live challenges to solve which had XSS,LFI,SQL and other attacks on a Rails application
Q: Enumerate the port numbers of HTTP, HTTPS, DNS, FTP, SMTP, SSH and DHCP
Basic questions like "why are you interested?" or "how did you hear about the position?".
Threat model , code review
Find vulnerabilities in this piece of code
Phone call - technical experiences, what tools and languages are you familiar with IQ test, 40 questions in 20 minutes - math, shapes and puzzles
One specific thing they asked was to perform a code review on a Java REST API. I had to identify a Mass Assignment vulnerability where an endpoint was binding request data directly to a persistence entity.
Viewing 111 - 120 interview questions