NO they need web developers that know how code properly, this is the biggest attack vector in web applications, because web developers don't sanitize their input, which leads to these injection flaws.
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project A1 ( Injection Flaws, IE SQL injection) And its 3rd on the list in the Web Hacking Incident Database. http://projects.webappsec.org/w/page/29620941/Web-Hacking-Incident-Datab ase-2010-Semi-Annual-Report And sharing is caring: Web developers out there that work with any type of DB backend: READ THIS PLEASE!!! http://projects.webappsec.org/w/page/13246963/SQL-Injection Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:[email protected] Cell:401-639-3505 From: Micheal Espinola Jr [mailto:[email protected]] Sent: Tuesday, April 12, 2011 12:54 PM To: NT System Admin Issues Subject: Re: Ruh Roh..... SQL again... tsk tsk tsk... Apparantly they need to monitor their monitoring... -- ME2 On Tue, Apr 12, 2011 at 9:30 AM, Kurt Buff <[email protected]> wrote: Barracuda got bit: http://www.darkreading.com/database-security/167901020/security/attacks- breaches/229401358/yet-another-security-firm-breached-employee-email-use r-accounts-leaked.html Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
