input-validation
Safeguard articles tagged "input-validation" — guides, analysis, and best practices for software supply chain and application security.
22 articles
Secure Coding for Beginners: Writing Code That Resists Attack
Secure coding is not a separate discipline you bolt on later. It is a set of small habits you weave into the way you already write software. Here is a friendly introduction with a first exercise to try today.
Prompt Injection Prevention: A Defense-in-Depth Guide
Prompt injection is the top risk on the OWASP list for LLM applications for a reason: there is no single patch. Preventing it means layering controls around a model that cannot reliably tell instructions from data.
C# Secure Coding Guide: Patterns That Prevent Real Bugs
A hands-on C# secure coding guide covering input validation, safe APIs, path traversal, injection, and the language-level patterns that keep vulnerabilities out of your code.
What is Input Validation
Input validation stops malicious data at the door. See the CVEs — Equifax, Log4Shell, MOVEit — that prove why skipping it, or doing it wrong, is so costly.
Python email module address-parsing confusion (CVE-2023-27043)
CVE-2023-27043 shows how a Python email-parsing quirk lets attackers spoof trusted domains and bypass allowlist-based access controls silently.
Regular expression injection explained
Regex injection lets attackers rewrite pattern logic or trigger ReDoS. See real CVEs, exploit examples, and how to detect and fix it in your code.
Improper input validation (CWE-20) explained
CWE-20 explained: how improper input validation causes SQLi, RCE, and DoS, with real CVEs like Equifax's Struts breach and how to detect and fix it.
SSRF Attacks: How Server-Side Request Forgery Works
SSRF tricks a server into making requests an attacker controls — reaching internal services, cloud metadata endpoints, and data no external user should touch. Here is how it works and how to stop it.
SQL Injection Basics for Engineers Who Aren't Security Specialists
SQL injection is still one of the most common ways applications get breached, and the fix is usually a one-line change — this walks through the basics with a real example.
File Upload Vulnerability Prevention: A Practical Guide
File upload functionality is one of the most dangerous features in web applications. This guide covers the attack vectors, bypass techniques, and layered defenses needed to handle file uploads securely.