SQL Injection

How to Identify SQL Injection Vulnerabilities for Better Security

The class of vulnerabilities known as SQL injection continues to present an extremely high risk in the current network threat landscape. SQL injection has been ranked as one of the top risks on the MITRE Common Weakness Enumeration (CWE)/SANS Top 25 Most Dangerous Software Errors list (https://www.sans.org/top25-software-errors). Exploitation of these vulnerabilities has been implicated in many recent high-profile intrusions. Although there is an abundance of good literature in the community about how to prevent SQL injection vulnerabilities, much of this documentation is geared toward web application developers.
