[WEB SECURITY] SQL injection and N tier Architecture

Phillip Gonzalez phillip.gonzalez at owasp.org
Mon Feb 4 18:18:46 EST 2013


 You are barking up the wrong tree. SQL injection is a coding issue, tell your devs to use parameterized queries.

-phil
@bsdwiz

On Feb 4, 2013, at 4:56 PM, Infosec <infosecm at gmail.com> wrote:

> Hello,
> 
> I need to know how the different architecture will effect on application security.
> For example:
> 
> A. Web server and Database server
> B. web server , Application server and Database server
> 
> How much the above architectures secure from SQL injection?
> 
> I know multi-tier is more secure, but I need more explination.
> Multi-tier is more secure, but still doesn't prevent SQL injection, isn't?
> 
> 
> Regards,
> _______________________________________________
> The Web Security Mailing List
> 
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
> 
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> 
> WASC on Twitter
> http://twitter.com/wascupdates
> 
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org



More information about the websecurity mailing list