xianshield

At last! After about 7 months of work, "SQL Injection Defenses" is published. The paper covers many PHP, Perl, Java, .NET, and Ruby on Rails. It describes programmatic, automated, and blind SQL injection attacks, and describes several defenses, from secure programming, to penetration testing, to monitoring. I hope you'll find it helpful. It's published as a ShortCut with O'Reilly Press, and it's only $10.