Forum Discussion

Nimbostratus

Mar 01, 2012

ASM - Dynamic SQL Injection Protection

Hello All, We know that big IP ASM can protect against SQL Ijnection attacks. But Does it protect against "Dynamic SQL Injection Attacks"? If yes , how does it do it. A...

security

hooleylist

Cirrostratus

Mar 02, 2012

Hi Nik,

ASM is positioned between HTTP clients and the front end web server tier. So ASM doesn't validate web app to SQL communication. It does look for suspicious user input using attack signatures, character set validation, size limits, etc. This should be the same whether the web app is using dynamic SQL queries or not.

Aaron

Forum Discussion

ASM - Dynamic SQL Injection Protection

Recent Discussions

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Portal Access to HTTPS resources slow

Cannot login to Avaya wanx using f5 apm network access

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Related Content

Beyond REST: Protecting GraphQL

L7 DoS Protection with NGINX App Protect DoS

Managing NGINX App Protect WAF for Beginners

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

Mitigating OWASP API Security Top 10 risks using F5 NGINX App Protect