SQL Injection Prevention Mechanism

Q: What mechanisms does digiRunner use to prevent SQL Injection attacks?

(Keywords: SQL Injection, Security Checks, WAF, Gateway Protection, Risky Characters)

A: digiRunner implements basic SQL injection checks directly at the gateway level to ensure API security.

How it works:

The system uses a lightweight safeguard designed to block requests containing specific risky characters known to be associated with common injection attacks. Specifically, the gateway inspects traffic and blocks inputs containing:

  • Single quotes (')

  • Semicolons (;)

Important Security Note:

These checks serve as a first line of defense against obvious attack attempts. However, digiRunner does not include a built-in, full-featured Web Application Firewall (WAF).

For comprehensive protection against advanced or complex SQL injection threats, we strongly recommend a layered defense strategy: combine digiRunner with a dedicated WAF or infrastructure-level security controls.
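
The following Python sketch is an added example, not digiRunner code: it models the character check described above next to a backend query that uses bound parameters, to show why the check is only a first line of defense. The function names, the customers table and the sample values are constructed for illustration.

```python
import sqlite3

# The two characters the page says the gateway blocks.
RISKY_CHARS = ("'", ";")


def gateway_allows(value: str) -> bool:
    """Model of the described check (assumed behaviour, not digiRunner's code):
    reject any input that contains a risky character."""
    return not any(ch in value for ch in RISKY_CHARS)


def make_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for the backend behind the gateway."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO customers (name) VALUES (?)",
                   [("O'Brien",), ("Alice",)])
    return db


def find_by_name(db: sqlite3.Connection, name: str) -> list:
    # Bound parameter: the driver passes the value as data, so a quote in it
    # cannot change the structure of the statement.
    rows = db.execute("SELECT name FROM customers WHERE name = ?", (name,))
    return [r[0] for r in rows]


def find_by_id(db: sqlite3.Connection, raw_id) -> list:
    # Same control for a numeric field: the whole value is compared to id,
    # never parsed as SQL.
    rows = db.execute("SELECT name FROM customers WHERE id = ?", (raw_id,))
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = make_db()
    # Constructed sample inputs, labelled by what they illustrate.
    samples = {
        "legitimate name with an apostrophe": "O'Brien",
        "plain name": "Alice",
        "value with neither risky character": "1 OR 1=1",
    }
    for label, value in samples.items():
        print(f"{label!r}: gateway_allows={gateway_allows(value)}")
    # The backend handles both cases safely on its own.
    print(find_by_name(db, "O'Brien"))   # apostrophe treated as data
    print(find_by_id(db, "1 OR 1=1"))    # whole string compared to id, no match
```

The character check rejects a legitimate value such as O'Brien and accepts input that contains neither character, so the backend query layer still needs bound parameters regardless of what the gateway filters.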
