3. Techincal: They will ask about a certain vulnerability and then give you examples and ask you create a payload for this. They will also provide you with sample vulnerability reports and ask you to triage them with CVSS. There will be other scenarios like "If this happens, is this a vulnerability? and you will have to explain your answer" How DNS and other backend systems work. In short you will need deep and clear understanding of web applications working as well as vulnerabilities
Included chatting through CV, some technical questions relating to the role, some HR questions, and a technical exercise. The technical exercise was left open and allowed you to discuss the problems in front of you, which meant they were assessing your ability to do a job and have the right mindset rather than know specific technologies.
Secure design of a cloud based application, and finding security vulnerabilities.
What does Tyler Tech do? How do you keep up to date w development in the app sec space? What's your experience w cloud SaaS services Name a couple of OWASP top ten? Describe XSS, CSFR, sqli (FWIW should have said authZ/authN issues, pwd mgmt, access control)? Do you have any more questions about TT or the role?
Mobile app security web app security Live challenges to solve which had XSS,LFI,SQL and other attacks on a Rails application
Q: Enumerate the port numbers of HTTP, HTTPS, DNS, FTP, SMTP, SSH and DHCP
Basic questions like "why are you interested?" or "how did you hear about the position?".
Threat model , code review
Find vulnerabilities in this piece of code
Phone call - technical experiences, what tools and languages are you familiar with IQ test, 40 questions in 20 minutes - math, shapes and puzzles
Viewing 111 - 120 interview questions