Forum Discussion

Nimbostratus

Mar 01, 2012

ASM - Dynamic SQL Injection Protection

Hello All, We know that big IP ASM can protect against SQL Ijnection attacks. But Does it protect against "Dynamic SQL Injection Attacks"? If yes , how does it do it. A...

security

hooleylist

Cirrostratus

Mar 02, 2012

Hi Nik,

ASM is positioned between HTTP clients and the front end web server tier. So ASM doesn't validate web app to SQL communication. It does look for suspicious user input using attack signatures, character set validation, size limits, etc. This should be the same whether the web app is using dynamic SQL queries or not.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM - Dynamic SQL Injection Protection

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

WAF evasion techniques for Command Injection

AI Security : Prompt Injection and Insecure Output Handling.

L7 DoS Protection with NGINX App Protect DoS

Beyond REST: Protecting GraphQL

Serverside SNI injection iRule

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS