slug: security.sql-injection
This standard deals with identifying vulnerability in your application of SQL injection attacks, and mitigating that vulnerability.
In order to fully cover this standard, a performance must be recording for each of the following objectives:
- Identify SQL injection risks
- Mitigate SQL injection risks using parameters
- Mitigate injection risks using whitelists
- Distinguish between the limitations of SQL Injection mitigation strategies
- Demonstrate a SQL injection attack using parameter manipulation
- Recognize SQL injection vulnerabilities in ORMs & other frameworks