From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep
Inputs and outputs
- [Instructor] Attackers often use input fields to introduce malicious content into your applications. It's that ability for an attacker to interact with your application that makes it possible for them to launch some fairly damaging attacks in the first place. That's why learning how to securely manage user input and output is so important. Input validation may be one of the most significant, most effective security controls that you can build into your application. The number of potential risks that can be mitigated by this one control is staggering. When you perform input validation, you instruct the application to perform a series of checks on any user-supplied data before you pass that data to any backend system. These checks are designed to root out anything in the data that might present a risk to the application or to the app infrastructure. During my penetration testing days, I found an application that one of our customers was using that checked the health of an application…