7. Testing Code for SQL Injection Flaws
There is no "silver bullet" when it comes to testing for SQL injection vulnerabilities. However, there are a number of strategies that can be employed. Using a combination of these strategies should be regarded as a sensible minimum in order to get some degree of confidence in freedom from vulnerabilities.
 |
Explain the strategies for testing and reviewing code |
|
Describe the code testing and reviewing tools available |
|
Outline the code review process |
|
Identify the minimum test cases to run |