Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Mar 01, 2012

ASM - Dynamic SQL Injection Protection

Hello All,

We know that big IP ASM can protect against SQL Ijnection attacks.

But Does it protect against "Dynamic SQL Injection Attacks"? If yes , how does it do it.

Any reply will be greatly appreciated.

Nik

hooleylist
Cirrostratus
Mar 02, 2012
Hi Nik,

ASM is positioned between HTTP clients and the front end web server tier. So ASM doesn't validate web app to SQL communication. It does look for suspicious user input using attack signatures, character set validation, size limits, etc. This should be the same whether the web app is using dynamic SQL queries or not.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming