2 Replies Latest reply on Jan 28, 2014 5:50 PM by byrona

    How to detect SQL Injection Attacks?

    byrona

      I am curious how you would configure a LEM correlation rule to capture a SQL injection attack?  I see that there is a User Defined Group called "XSS and SQL Injection Vectors" but I am not sure exactly how I would build that into a correlation rule.  I tried using it in an nDepth search and it generated an error.