You can't secure what you don't acknowledge.SM

Wednesday, April 30, 2008

Yet another reason for testing your Web applications for security flaws

This is a very interesting story. Apparently attackers are automating SQL injections on vulnerable sites/apps with SQL Server backends. I've always been a big fan of automated SQL injection tools such as what HP's WebInspect has built-in but this brings a whole new meaning to automated SQL injection!

Yet another reason you need to be testing your Web applications for security vulnerabilities consistently and without fail.

No comments:

Post a Comment