Do you know how an institute or a company can safeguard itself from SQL injection?

Submitted by: Muhammad
An organization can rely on the following methods to guard itself against SQL injection:

☛ Sanitize user input: User input should never be trusted; it must be sanitized before it is used
☛ Stored procedures: These can encapsulate the SQL statements and treat all input as parameters
☛ Regular expressions: Detecting and dumping harmful code before executing SQL statements
☛ Database connection user access rights: Only necessary and limited access rights should be given to accounts used to connect to the database
☛ Error messages: Error messages should not be specific, telling exactly where the error occurred; they should be more generalized.
Submitted by: Muhammad
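
Three of the measures listed above (treating input as parameters, limited access rights, generalized error messages) are shown side by side in the following added example, which is not part of the original answer. It assumes an in-memory SQLite database; the table, the function names and the test input are constructed for illustration, and `PRAGMA query_only` stands in for a restricted database account.

```python
import logging
import sqlite3

# Constructed test input: the quote ends the string literal early, so the
# remainder is parsed as SQL when the value is concatenated into the query.
CONSTRUCTED_INPUT = "nobody' OR '1'='1"

def make_db():
    """Build a constructed in-memory table with two sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice@example.test"),
                    ("bob", "bob@example.test")])
    db.commit()
    # Limited access rights: this connection may read but not modify data.
    db.execute("PRAGMA query_only = ON")
    return db

def lookup_concatenated(db, name):
    """Weak form: the input becomes part of the SQL text."""
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, name):
    """Corrected form: the input is bound as a value, never parsed as SQL."""
    sql = "SELECT email FROM users WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def handle_request(db, sql, params=()):
    """Run a statement; on failure log details and return a generic message."""
    try:
        return {"ok": True, "rows": db.execute(sql, params).fetchall()}
    except sqlite3.Error as exc:
        # Specific error text stays in the server-side log only.
        logging.getLogger("app.db").error("query failed: %s", exc)
        return {"ok": False, "error": "The request could not be processed."}

if __name__ == "__main__":
    db = make_db()
    print(lookup_concatenated(db, CONSTRUCTED_INPUT))   # every row comes back
    print(lookup_parameterized(db, CONSTRUCTED_INPUT))  # no row matches
    print(handle_request(db, "DELETE FROM users"))      # write is refused
```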
