• Input data validation is most important for any software application because of the dangers posed by tainted input at various levels of its execution
  • Whitelisting is a process to verify the inputs against the possible expected known values
  • Testing input values against a set of negative expected inputs is called blacklisting
  • A Java framework allows controlling user behavior in Java and helps save time by eliminating the creation of test scripts
  • A regular expression provides a concise and flexible means to “match” (specify and recognize) strings of text, such as particular characters, words, or patterns of characters
  • The Struts validator framework is used to validate input on both the user browser and the server side
  • Prepared statements define methods and properties that are used to send SQL commands to retrieve data from the database
  • Stored procedures prevent SQL injection attacks by performing thorough validation on any user input before processing data
  • Golden Rule: All external input, no matter what it is, is examined and validated
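
The whitelisting and blacklisting checks summarized above, shown side by side with a regular expression as the whitelist. This is an added example, not code from the original page; the class name, the username rule, the blacklist tokens and the sample inputs are all assumptions constructed for illustration.

```java
import java.util.Locale;
import java.util.regex.Pattern;

public class InputValidationDemo {

    // Whitelist: the entire value must have the one known-good shape.
    // Assumed rule for this example: 3 to 16 ASCII letters, digits or underscores.
    private static final Pattern USERNAME = Pattern.compile("[A-Za-z0-9_]{3,16}");

    // Blacklist: reject only when a known-bad token is present (constructed list).
    private static final String[] BAD_TOKENS = { "'", ";", "--", "<script" };

    static boolean whitelistAccepts(String input) {
        // matches() tests the whole string; find() would accept a valid substring.
        return input != null && USERNAME.matcher(input).matches();
    }

    static boolean blacklistAccepts(String input) {
        if (input == null) {
            return false;
        }
        String lower = input.toLowerCase(Locale.ROOT);
        for (String bad : BAD_TOKENS) {
            if (lower.contains(bad)) {
                return false;
            }
        }
        return true;
    }

    // Make control characters visible in the report.
    static String show(String s) {
        return s.replace("\r", "\\r").replace("\n", "\\n");
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from the page.
        String[] samples = { "alice_01", "bob'; --", "carol\r\nrole=admin", "x" };
        for (String s : samples) {
            System.out.printf("%-22s whitelist=%-5b blacklist=%b%n",
                    show(s), whitelistAccepts(s), blacklistAccepts(s));
        }
    }
}
```

The third and fourth samples pass the blacklist because nothing in them was anticipated as bad, while the whitelist rejects them for not matching the expected shape.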