A new SQL Injection protection PL/SQL package
October 29th, 2007 by Pete
I saw a post on my Oracle security forum by Gary titled "Steven F's SQLguard - sql injection prevention pkg", which announces that Steven Feuerstein has created a PL/SQL package called sql_guard, which he is calling SQL Guard, aimed at helping developers prevent SQL injection attacks from succeeding against their deployed code.
This sounds very interesting, and I for one have dropped Steven an email to ask for a copy for testing, to see how well it works and whether it's going to be of value to developers. Without seeing it, it's hard to comment more now, but I will comment more here if Steven does let me have a copy to test.



October 30th, 2007 at 04:21 pm
Steven Feuerstein says:
Hi Pete,
I am so glad you saw that posting and of course I very much want you to look at it!
I will be writing some documentation on SQL Guard (which is not yet completed, but an early version is ready for some initial review) and then I will let all who have expressed interest know about it.
Regards, SF