Software Prevents SQL Database Intrusions

September 25, 2002

[From Internet Week]

Entercept Security Technologies on Monday rounded out its line of intrusion-detection software with a new version of its product designed specifically to thwart common SQL database attacks.

One specific type of attack that Entercept is targeting with its Entercept Database Edition is a SQL injection, whereby a hacker enters a SQL command, such as "Select * from users," into a log-in field. Many applications that run on top of SQL lack the security controls to prevent that command from actually executing and returning the results, even though the command is being entered at a log-in field.

The complete article is available at http://www.internetweek.com/breakingNews/INW20020916S0013.