SQL Injection Prevention
WAF ONBOARDING
THREAT ANALYSIS
HTTP SUPPORT
PROTECTION USE CASES
DETECTION TECHNIQUES
Prophaze WAF deployed wide range of methods into its core algorithm to block generic and advanced SQL injection attacks where not-sanitised user inputs is used to inject SQL commands which can disclose system Information and data leakage. The most common sql injection methods blocked are.
SQL comment sequence
SQL hex sequence
SQL String Termination
SQL Operators Blocking
Blocks SQL Tautologies
Blocks Common Database Names
Blind SQL injection Blocking
Injection Character anomaly blocking
Injection Payload Blocking
MSSQL specific signatures
SQL Integer overflow
SQL sleep command exploit
Prevents conditional SQL injection
MySQL character switch injection
SQL Authentication Bypass
pg_sleep injection
Chained SQL Injection
Stored procedure Injection
UDF Injection using data structure manipulation
Concatenated SQL Injection