PhoneGap for Enterprise

By: Kerri Shotts

General security precautions


Although this book is focused on building a secure Cordova app, many of the following security concepts apply to most situations, including native and web apps. We can't cover every possible security risk, but the following should give you a good foundation.

Filtering and validating input

It's tempting to think that the data coming from any of your app's tiers will be safe to use; after all, the data has been entered by your enterprise's users, and it's been passed through code you've written.

Unfortunately, no one is perfect, and not every user in your enterprise will always enter safe data. Furthermore, if a malicious user gains access to your app (or any of the middle or backend tiers), they will certainly send malicious data in an attempt to compromise your system.

There are many different kinds of unsafe input and you've probably heard about some of these attacks in the news, including SQL and code injection, and buffer overruns. SQL injection relies on poorly...