- Listen to our monthly AppSec Stats Flash podcast
- LEARN MORE
Data validation, also known as input validation, is a method of ensuring that incoming data is uncompromised before it is allowed to be processed. During transmission to programs, applications, and services, data can be corrupted. Data validation employs one or several checks, routines, and rules to ensure that the data coming into a system is meaningful, accurate, and secure. If the incoming data is not properly sanitized this can result in code injection.
An application should check that data is both syntactically and semantically valid before using it in any way.
These data validation routines, rules, and constraints test for the correctness, meaningfulness, and security of incoming data.
Want to know what can happen when data validation is done improperly? Read about code injection.