Yet another big company hit with SQL Injection problems (BT.com)
In the last couple of weeks, big companies have been attacked and are having big issues with SQL injection. This time British Telecom (bt.com) was the target company (see more info here).
Big companies such as Kaspersky, British Telecom and hundreds of others could easily fix these issues with a well-structured SDL process or by using a web application security scanner such as N-Stalker that could detect and mitigate the problem.
Another good post that we read today really fits this problem: “Application Security: A Tool Cannot Solve What Fundamentally is a Process Problem”, which makes the same point. Companies aren’t doing their homework: scanning tools should be fully integrated into your development process.
Creating a process with manual and automatic tools could save a lot of money and keep your website safer.
N-Stalker Research Labs.