Input Validation

Now that you understand the need for mobile app security, you should learn how to implement the most fundamental security mechanism of all: input validation.

Get started

35 videos // 323 minutes of training

Course description

Lack of input validation is the single most commonly cited mistake that mobile app developers make. Corrupt or manipulated input lies at the root of most malicious hacking exploits. As a mobile app developer, you need to know how to defend your app and the user’s data from attack. In this course you will learn which characters can be misinterpreted as commands, and how to render those characters harmless. You will practice using a number of input sanitization and techniques including regular expressions and Swift functions. You’ll defend against SQL injection, understand the larger scope of cross-site scripting and cross-site request forgeries, and validate the identity of a website API whose content your app consumes. You will also learn how to defend against unexpected attack vectors such as QR codes and deserialized JSON objects.

Course syllabus

Meet the author

Chrys Thorsen

Chrys Thorsen is a technology and education consultant with 25 years of experience. Her work has taken her around the U.S. and overseas, including as a contractor for the CDC using technology to help fight HIV/AIDS in Africa. During her career, she has acquired 40 IT certifications, authored over 25 textbooks on a wide range of IT subjects, including secure iOS and Android coding, and created an equal number of IT-related video courses. When not working, Chrys enjoys reading scientific articles and experimenting with Internet-of-Things devices. She currently lives in Virginia with her sister, her cat and her dog which, as she describes it, "have the worst sibling rivalry imaginable."

You're in good company

Infosec Skills is a very good place for building technical acumen and engineering development knowledge. It enables us to provide training to the entire team on relevant topics.

Comcast Business

Romy Ricafort, West Division Senior Director of Sales Engineering

Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I've had.

FireEye, Inc.

James Coyle , Senior U.S. Public Sector Channel Sales Engineer

I knew Infosec could tell me what to expect on the exam and what topics to focus on most.

Tennenbaum Capital Partners

Julian Tang, Chief Information Officer

See More Case Studies

Related learning paths

Writing Secure Code in iOS

This learning path teaches you how to incorporate security in iOS application development for mobile devices. Focused mostly on Swift, Apple's new programming language, you will learn best practices for addressing the most common security mistakes iOS app developers make. You will also learn the limits of Swift as a secure language, and how to compensate for those limits.

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial

190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
100s of hands-on labs in cloud-hosted cyber ranges
Custom certification practice exams (e.g., CISSP, Security+)
Skill assessments
Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting Free Team Trial

Team administration and reporting
Dedicated client success manager
Single sign-on (SSO)

Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
Integrations via API

Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
190+ role-guided learning paths and assessments (e.g., Incident Response)
100s of hands-on labs in cloud-hosted cyber ranges
Create and assign custom learning paths
Custom certification practice exams (e.g., CISSP, CISA)
Optional upgrade: Guarantee team certification with live boot camps