Application Security Interview Questions

461 application security interview questions shared by candidates

Given this snippet of code, assuming that from where you injected your inputs on the URL, this is the landing space in an attribute, explain to us how you would obfuscate past their filter and successfully demonstrate that the page is vulnerable to Cross Site Scripting.

Applications Security Specialist

Interviewed at WhiteHat Security

3.4
May 25, 2015


1- It started with the common prompt "Tell me about yourself," to which I responded with a structured overview of my relevant professional background.

2- I was then asked general AppSec questions. Despite giving answers that I was confident in, the interviewer incorrectly challenged some of them. It became apparent that there was a disconnect in our understandings of certain topics.

3- The code review exercise for an open-source project with vulnerabilities was conceptually a good test of practical skills. However, the effectiveness of this exercise was compromised when the interviewer incorrectly disputed one of my correct identifications of a security flaw.

4- Further AppSec questions were asked, but the interviewer's lack of depth in understanding became evident when they misinterpreted some of the subjects they inquired about, leading to confusion.

In conclusion, while the company's emphasis on security was clear, the technical interview experience was disappointing due to the interviewer's insufficient grasp of the interview content. This not only led to unnecessary corrections but also made it challenging to demonstrate my expertise effectively.

Applications Security Engineer

Interviewed at Fiverr Inc.

4.1
Nov 15, 2023

