Monday, May 4, 2009

SQL Injection Invasion
by Christian Perry, Processor

Weak Web Applications Increasingly Fall Prey To This Potentially Devastating Attack

As security measures in data centers become progressively more stringent, hackers are turning to more unusual methods to access sensitive data. One of these is SQL injection, which replaced cross-site scripting as the predominant Web application vulnerability in 2008, according to an IBM study.

Key Points

  • SQL injection threats are now the top Web application vulnerability and pose a serious threat to servers and databases holding sensitive data.
  • Coding procedures should keep an eye on the potential for SQL injection by preventing unexpected user input.
  • Certain intrusion systems and regular testing can bolster efforts to prevent these attacks.

Organizations should implement real-time database activity monitoring technology to track all SQL transactions and continuously check for unusual or suspicious activity, such as a high volume of failed logins, an unusually high volume of queries in a given period of time, or the execution of SQL commands that are not typically executed by the organization's Web applications.
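The three signals named above (failed-login bursts, query-volume spikes, and commands outside the application's usual set) can be checked with a sliding window per database account. The following is an added example, not code from the article; the record layout, thresholds, baseline verb set and account name are all assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60            # assumed sliding-window length
MAX_FAILED_LOGINS = 3          # assumed per-account limit per window
MAX_QUERIES = 5                # assumed per-account limit per window
BASELINE_VERBS = {"SELECT", "INSERT", "UPDATE"}  # assumed normal app statements

# Constructed audit records: (epoch_seconds, db_account, event, sql_text).
SAMPLE_LOG = (
    [(1000, "web_app", "QUERY", "SELECT name FROM products WHERE id = 7"),
     (1010, "web_app", "QUERY", "INSERT INTO cart (user_id, item) VALUES (3, 7)")]
    + [(1020 + i, "web_app", "LOGIN_FAILED", "") for i in range(4)]
    + [(1100, "web_app", "QUERY", "SHOW TABLES")]
    + [(1200 + i, "web_app", "QUERY", "SELECT price FROM products WHERE id = 7")
       for i in range(6)]
)

def crossed(window, ts, limit):
    """Record ts, drop entries older than the window, report the first crossing."""
    window.append(ts)
    while window[0] <= ts - WINDOW_SECONDS:
        window.popleft()
    return len(window) == limit + 1

def detect(records):
    """Return (timestamp, account, reason) alerts for time-ordered records."""
    failures, queries = defaultdict(deque), defaultdict(deque)
    alerts = []
    for ts, account, event, sql in records:
        if event == "LOGIN_FAILED":
            if crossed(failures[account], ts, MAX_FAILED_LOGINS):
                alerts.append((ts, account, "failed-login burst"))
        elif event == "QUERY":
            if crossed(queries[account], ts, MAX_QUERIES):
                alerts.append((ts, account, "query-volume spike"))
            # Assumes the monitor logs one statement per record.
            words = sql.split()
            verb = words[0].upper() if words else ""
            if verb and verb not in BASELINE_VERBS:
                alerts.append((ts, account, "unusual command: " + verb))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

In practice the baseline verb set and thresholds would be derived from a period of observed normal traffic for each application account rather than fixed by hand.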
