Improper Input Handling is the term used to describe failures in input-handling functions such as validation, sanitization, filtering, or encoding and/or decoding of input data. It is a leading cause of critical vulnerabilities in today’s systems and applications.
The root cause of Improper Input Handling is the application trusting rather than validating data inputs. One of the critical aspects of input handling is validating that the information satisfies specific criteria. All inputs should be considered untrusted as they can come from various mechanisms and be transferred in multiple formats.
For proper validation, it is essential to identify the form and type of data acceptable and expected by the application. This is required to define restrictions accurately and avoid Improper Input Handling attacks.
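One way to express "form and type of data acceptable and expected" as an allowlist check, shown as an added example that is not part of the original page. The field names, limits, and sample requests are assumptions made up for illustration.

```python
import re

# Hypothetical schema for a constructed "create account" request: each field
# declares the type and form the application expects (names are assumptions).
SCHEMA = {
    "username": {"type": str, "pattern": re.compile(r"[a-z][a-z0-9_]{2,15}")},
    "age":      {"type": int, "min": 13, "max": 120},
    "country":  {"type": str, "allowed": {"US", "DE", "JP"}},
}

def validate(data, schema=SCHEMA):
    """Return (clean, errors). clean holds only fields that met every criterion."""
    clean, errors = {}, {}
    # Reject fields the application never asked for instead of passing them on.
    for name in data.keys() - schema.keys():
        errors[name] = "unexpected field"
    for name, rule in schema.items():
        if name not in data:
            errors[name] = "missing"
            continue
        value = data[name]
        # type() rather than isinstance(): bool is a subclass of int in Python.
        if type(value) is not rule["type"]:
            errors[name] = "wrong type"
        elif "pattern" in rule and not rule["pattern"].fullmatch(value):
            # fullmatch() anchors both ends; match() with "$" would still
            # accept a trailing newline.
            errors[name] = "wrong form"
        elif "allowed" in rule and value not in rule["allowed"]:
            errors[name] = "not an allowed value"
        elif "min" in rule and not rule["min"] <= value <= rule["max"]:
            errors[name] = "out of range"
        else:
            clean[name] = value
    return clean, errors

# Constructed sample inputs.
GOOD = {"username": "alice_01", "age": 34, "country": "DE"}
BAD = {"username": "alice\n", "age": "34", "country": "de", "is_admin": True}

if __name__ == "__main__":
    print(validate(GOOD))
    print(validate(BAD))
```

The application should act only on `clean` when `errors` is empty; a partially valid request is rejected as a whole.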