Questions about this topic? Sign up to ask in the talk tab.
SQL injection/countermeasures/environment/security systems
From NetSec
- SQL injection > Countermeasures > environment > Security Systems
Web application firewalls usually operate at the same layer as the HTTP server or web applications, and thus monitor the protocol and input layers. This is different than normal IDS, which are stand-alone pieces of software or hardware that inspect the network and the host layer. Most intrusion detection mechanisms built for web applications operate using signature-based detection. Therefore, as long as an attack does not match a signature, it will slip by most of them.