SQL Injection Prevention

Prophaze WAF deployed wide range of methods into its core algorithm to block generic and advanced SQL injection attacks where not-sanitised user inputs is used to inject SQL commands which can disclose system Information and data leakage . The most common sql injection methods blocked are .

• SQL comment sequence

• SQL hex sequence

• SQL String Termination

• SQL Operators Blocking

• Blocks SQL Tautologies

• Blocks Common Database Names

• Blind SQL injection Blocking

• Injection Character anomaly blocking

• Injection Payload Blocking

• MSSQL specific signatures

• SQL Integer overflow

• SQL sleep command exploit

• Prevents conditional SQL injection

• MySQL character switch injection

• SQL Authentication Bypass

• pg_sleep injection

• Chained SQL Injection

• Stored procedure Injection

• UDF Injection using data structure manipulation

• Concatenated SQL Injection