Chapter 9 Platform level defenses

Justin Clarke

Solutions in this chapter:

• Using Runtime Protection

• Securing the Database

• Additional Deployment Considerations

Introduction

In Chapter 8, we discussed practices and defenses that you can employ at the code level to prevent SQL injection. In this chapter, we’ll shift our focus to platform-level defenses that detect, mitigate, and prevent SQL injection. A platform-level defense is any runtime enhancement or configuration change that can be made to increase the application’s overall security. The scope of protection we’ll cover in this chapter varies; however, as a whole the techniques we’ll discuss can help you to achieve a multi-layered security architecture.

First we’ll examine runtime ...

Get SQL Injection Attacks and Defense, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SQL Injection Attacks and Defense, 2nd Edition by Justin Clarke-Salt

Chapter 9

Platform level defenses

Solutions in this chapter:

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly