New to Application Security?
Need to know more about what options you have to safeguard your application? Overwhelmed with the information on the net and not sure which solution is best for your needs? Look no further. The AppSec Beginner’s Guide is here to provide you with all the information and resources you need to become a bona fide AppSec guru. Week after week, an increasing number of corporations and governments become the victims of cybercrime. These exploitations lead to losses of revenue and reputation which are often impossible for the affected organizations to recover.
The best defense in the fight against cybercrime is ensuring that your code is free of the vulnerabilities that can be exploited by malicious hackers. The best place to start is by ensuring that your organization’s developers are familiar with, and knowledgeable about, Application Security (AppSec). Checkmarx offers a number of tools to increase AppSec IQ, including whitepapers and in-depth blog articles.
In our vulnerability knowledge base, you will find all of the information you need to understand the threats and vulnerabilities which threaten application-level security, as well as the tips you need to ensure your code is written with the highest level of integrity.
I spent a couple of hours in the summer of 2021 reading through Glassdoor.com to see what users submitted for security questions they'd received while interviewing for security engineer jobs. I wrote down all of them that weren't duplicates and that's what you've got: raw job interview questions. These are apparently the same questions asked by Google, Facebook, Amazon, Apple, Salesforce, LinkedIn, etc.
I purposefully didn't map the question to a company. That's not the point of this repo. Learning is.
Security is difficult to get your arms around, much less your brain. I sorted the questions into logical topic groups, though. I'm also answering the questions periodically at https://theprojectx.co.
And please, send me changes/additions/etc.