• Using Runtime Protection
• Securing the Database
• Additional Deployment Considerations
In Chapter 8, we discussed practices and defenses that you can employ at the code level to prevent SQL injection. In this chapter, we’ll shift our focus to platform-level defenses that detect, mitigate, and prevent SQL injection. A platform-level defense is any runtime enhancement or configuration change that can be made to increase the application’s overall security. The scope of protection we’ll cover in this chapter varies; however, as a whole the techniques we’ll discuss can help you to achieve a multi-layered security architecture.
First we’ll examine runtime ...