Free Trial

SQL Injection Prevention

What is Prophaze WAF?

How Prophaze WAF Works

System Requirements

Performance

SSL Termination

Modes Of Operation

Prophaze WAF Best Practices

WAF ONBOARDING

Prophaze WAF Registration

WAF Deployment Models

Cloud

On-Premise

Kube-native

THREAT ANALYSIS

Dashboard

Traffic Analysis

Bot Analysis

Attack Analytics

Rules Page

Attack Types

Incidents

Reporting

HTTP SUPPORT

Encoding Types

Protocol Validation

PROTECTION USE CASES

HTTP Protocol Violation

Protocol Anomalies

Bot Detection

Injection Prevention

HTTP Request Smuggling

HTTP Response Splitting

XSS Prevention

LFI And RFI

Session Fixation

SQL Injection Prevention

Layer 7 Dos Attack Prevention

PHP Application Protection

DETECTION TECHNIQUES

Normalization

Negative Security Model

Signature And Rule Database

Prophaze WAF deployed wide range of methods into its core algorithm to block generic and advanced SQL injection attacks where not-sanitised user inputs is used to inject SQL commands which can disclose system Information and data leakage. The most common sql injection methods blocked are.

SQL comment sequence

SQL hex sequence

SQL String Termination

SQL Operators Blocking

Blocks SQL Tautologies

Blocks Common Database Names

Blind SQL injection Blocking

Injection Character anomaly blocking

Injection Payload Blocking

MSSQL specific signatures

SQL Integer overflow

SQL sleep command exploit

Prevents conditional SQL injection

MySQL character switch injection

SQL Authentication Bypass

pg_sleep injection

Chained SQL Injection

Stored procedure Injection

UDF Injection using data structure manipulation

Concatenated SQL Injection

Preview

Session Fixation

Next

Layer 7 Dos Attack Prevention