Whats process of threat modelling. Any automation work done in past. How would your team mates describe you. Explain your understanding of agile.
Application Security Analyst Interview Questions
461 application security analyst interview questions shared by candidates
About Current Job, About Wise Values, About Team. Basic recruitment team questions.
Threat model a login form, SOP, CORS etc
Type of XSS triggered in a link? My answer: every type of XSS can be triggered via link
1. AWS S3 bucket safe configuration 2. how to detect email spoofing 3. AWS logging best practices 4. scenario how to mitigate unsafe secrets stored in a git repo 5. write a python script that parses addresses from a server log and queries them against some security API to scan them (virus total, ...)
What are the testcases for JWT token? what is the structure of JWT token ?can you bypass signature in JWT token?
can we get XSS in file upload functionality ? what is frame busting and clickjack ?
The technical questions included designing some real life feature from a security perspective.
Basic Info about the company
There were a bunch of technical questions regarding common application security topics - vulnerabilities, attack vectors, exploits, etc. There were also management and behavior based questions
Viewing 311 - 320 interview questions