Steve_A_129440
Jul 16, 2013Nimbostratus
Frequent SQL-INJ false positives
I am having a frequent issue of the SQL-INJ signatures matching and alarming on content that has no resemblance of a SQL injection attack.
Here is an example:
txtBio=
Julie0x20Brown:0x20Julie0x20‘
This flagged attack signature 200002175 - SQL-INJ create table.
Every day I get a couple thousand of these sort of false positives. If I disable on parameter then eventually I will have no paramaters being protected.
Any thoughts?