|
|
|
|
|
|
by lloeki
2561 days ago
|
|
|
(Sqreen Ruby engineer here) Since the agents execute inside the application/service, we have full context of the operations going to be performed (e.g whether a fragment of a SQL query a) will be executed and b) comes from user input). Therefore we're not basing detection of contextless patterns and any false positive/false negative of those classes of attacks is deemed a bug. |
|
|