CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
TheServerSide

Understanding How the Application Server's Web Container Works

To understand how to do proper application server development, you need to understand how the two basic containers of an application server work, namely the Web container and the EJB container. This ...
InfoWorld

Glastopf Web application honeypot gets SQL injection emulation capability

The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate ...
Ars Technica

Getting SQL in the DMZ?

So, we want to get a SQL box on a separate leg of our DMZ to limit what would be compromised if someone got at it. Assuming we don't need real-time mirroring between the SQL box on the LAN and the box ...