July 2017
Beginner to intermediate
358 pages
10h 54m
English
In our scenario, the attacker used a remote code execution exploit to gain access to our environment. The first line of defense after the WAF is input validation. All data should be validated to set bounds; it does not take an enormous amount of time to implement and can help you protect against such an attack. There is an excellent library in Go that is part of the go-playground package (https://github.com/go-playground/validator).
Take a look at this simple code example to see just how easy it is to implement:
validation/main.go
3 // Request defines the input structure received by a http handler 4 type Request struct { 5 Name string `json:"name"` 6 Email string `json:"email" validate:"email"` 7 URL string `json:"url" validate:"url"` ...Read now
Unlock full access