I interviewed at Mirox Cyber Security (Thiruvananthapuram)
Interview
Getting interviewed at Mirox Cyber Security is a rigorous process that heavily prioritizes your hands-on technical skills. Candidates typically report a multi-stage process starting with a screening call, followed by an intensive Technical Round and a Practical Lab Test.
Key focus areas include:
VAPT Core: Expect deep-dive questions on OWASP Top 10, Network Security, and Manual Penetration Testing.
Tools: Proficiency in tools like Burp Suite, Nmap, and Metasploit is essential.
Practical Skills: You may be asked to identify vulnerabilities in a live scenario or explain your methodology for a web application audit.
Difficulty: Reviews on Indeed suggest the interview is challenging, often taking 1–2 weeks to conclude
Interview questions [1]
Question 1
. Core Concepts
Q: What is the difference between VA and PT?
A: Vulnerability Assessment (VA) is a passive scan to identify security loopholes without exploiting them. Penetration Testing (PT) is an active, authorized attempt to exploit those loopholes to verify their impact.
Q: What is the OWASP Top 10?
A: It is a standard awareness document representing the most critical security risks to web applications, such as Broken Access Control and Injection.
2. Web Security (The "Must-Knows")
Q: Explain SQL Injection (SQLi) and how to prevent it.
A: SQLi occurs when an attacker inserts malicious SQL code into input fields to manipulate a database. Prevention is done via Parameterized Queries (Prepared Statements) and input validation.
Q: What is the difference between Stored and Reflected XSS?
A: Stored XSS permanently saves the malicious script on the server (e.g., in a comment section). Reflected XSS is "reflected" off a web server through a link or search field and isn't stored.
Q: What is CSRF and how do you mitigate it?
A: Cross-Site Request Forgery tricks a logged-in user into performing unwanted actions. Mitigation involves using unique Anti-CSRF Tokens for every sensitive request.
3. Networking & Tools
Q: What are the stages of a Penetration Test?
A: 1. Reconnaissance, 2. Scanning/Enumeration, 3. Vulnerability Analysis, 4. Exploitation, 5. Post-Exploitation/Reporting.
Q: Name your preferred VAPT tools.
A: Burp Suite (Web Proxy), Nmap (Network Discovery), Metasploit (Exploitation), and Nessus (Vulnerability Scanning
I applied through university. I interviewed at Mirox Cyber Security
Interview
Technical interview followed by the HR interview. They asked about the technical knowledge in the domain of cyber security and about some VAPT tools and their working in depth. Overall experience was good.
I applied online. The process took 5 days. I interviewed at Mirox Cyber Security
Interview
As far as i know hiring is strictly based on performance. First round telephonic, second round is face to face. Almost a day i spend on interview, practical test will be done .after that HR round .if selected they will inform us with further process
Top companies for "Compensation and Benefits" near you