Hyperguarding your Web Applications

Top Security Perils When Moving an Application to the Cloud: Input Validation

Posted by hyperguard on December 31, 2009

The next security peril we identified is input validation.  Internally, the application had only trusted users who used the application ‘as intended’, and there was not a strong need to validate user input, i.e. in form fields of the application.

The challenge is that there is variety of typical web application vulnerabilities that target weak input validation, including all classes of injection attacks, more commonly SQL injection.  If the application moves to the cloud all input parameters of the application need to be validated.  This could either be implemented within the application itself or in front of the application in a web application firewall.

Follow the discussion on Twitter @hyperguard.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: