application-security

Input Validation

Definition

Input validation ensures that data supplied by users or external systems conforms to expected types, formats, lengths, and ranges before processing. It is the first line of defense against injection attacks, buffer overflows, and business logic exploits.

Validation should be performed server-side (never trusting client-side only), using allowlists that define acceptable input rather than denylists of known bad input.

Related Terms

Output Encoding

Parameterized Queries

Parameterized Queries (Prepared Statements)

Injection

Injection Attack

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product