Considering the prevalence of SQLIA and it being among the top 3 threats since it was first discovered over 20years ago. It topped OWASP's top 10 list for over a decade until it dropped to number 3 in Oct 2021. What are the reasons for this recent drop? Can it be attributed to new developer's attitude towards secure coding? If not, What are the probable cause(s) of this drop and what can we do better to further reduced SQLIA attacks.
The prevalence of SQL injection attacks is still very high if not worse than before 2020. The drop in the rankings does not translate to better mitigation techniques BUT may be related to the rise of other non SQLI attacks. This statistic can be dangerous if the focus is shifted to other areas of security concerns at the expense of research and development towards better mitigation solutions towards SQLIA incidences. SQLIA Attack techniques evolve with time so should be the mitigation techniques.
Dear Aduragbemi David Ogundijo,
I completely agree and support the opinion of dear Tadiwa Elisha Nyamasvisva. In addition to that, you might want to take a look at the information below written by IBM Security X-Force:
https://www.ibm.com/security/data-breach/threat-intelligence
Tadiwa Elisha Nyamasvisva Thank you very much for the great insight!
Atiff Abdalla Mahmoud Great information in the report but geered towards SCADA systems and less information regarding input vulnerabilities. It shed more light on ransomewares which is another fast rising threat in Web Security. Thank you
- Badges
- Science topic
- Similar topics
- Social Psychology
- Attitude