As for SQL injection, unfortunately there is no easy solution. The remediation for SQL injection is the same for .NET as it is with any other language. Validate user input and use parameterized queries. As is the case with.NET and XSS, I predict a solution will also end up being integrated right into the language so that anytime developers make calls to the database this will all be done automatically to ensure secure code.
* ASP.NET tool upgrade: Compuware releases SecurityChecker 2.5
* Discover the power of .NET's code access security
* Developing secure .NET applications
Dig Deeper on Building security into the SDLC (Software development life cycle)
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.