How to Detect SQL Injection Attacks Using Extended Events and SQL Monitor

There are several strategies for detecting SQL Injection attacks and other attempts at penetrating a SQL Server database. It has become increasingly common to add a penetration test to the set of tests that are performed on a release candidate of a database application to check that all the obvious attack vectors are well tied-down and to ensure that the database can detect attempts at penetration.

Read full news article on Dzone