Hi, in the cisco IPS there is only 2 signatures that detect SQL in http request, checking a certain select ... from statement, but there are a lot more SQL injection technigues using the Drop or the insert, checking also the (') ... why is there not much more signatures about SQL injection ? what is the best way to do them manually ?
Thank you