Scrutinizing International Security Standards To Mitigate the Vulnerabilities arising through SQL Injection Attacks

From OWASP

In recent years, web application security has become the primary topic of discussion for security experts, as application attacks are constantly on the rise and pose new risks for organizations. Web applications use input from HTTP requests (and occasionally files) to determine how to respond. Attackers can tamper with any part of an HTTP request, including the URL, query string, headers, cookies, form fields, and hidden fields, to try to bypass the site’s security mechanisms. International security standards are implemented to minimize security failures and to mitigate their consequences. Several trends have emerged lately in the attacks launched against web applications. The aim of this presentation is to analyze the various international standards, such as ISO-27002, OWASP, COBIT, and NIST, that focus on the security of web applications, from the perspective of preventing web application attacks, predominantly SQL injection.