108 Security Tests
Every validation rule is verified with automated tests for incoming queries and outgoing responses.
Test Categories
Our test suite covers all aspects of bidirectional database query validation.
Query Whitelist
16 Tests: SQL whitelist enforcement, table permissions, function restrictions.
SQL Injection Prevention
4 Tests: Parameterization enforcement, inline value blocking.
Authentication
8 Tests: SCRAM-SHA-256 validation, user verification, password security.
Authorization
10 Tests: Table/function permissions, database restrictions, access control.
Response Validation
4 Tests: Row limits, column masking, result validation.
Rate Limiting
2 Tests: Query throttling, DoS prevention.
Policy Engine v2
14 Tests: Template matching, parameter validation, range checks.
Transaction Safety
6 Tests: BEGIN/COMMIT/ROLLBACK, savepoints, transaction isolation.
Error Handling
3 Tests: Syntax errors, missing tables/columns, error propagation.
Bidirectional Validation
Query Validation
Incoming queries are validated against the whitelist before reaching the database:
- Query template matching
- Parameter type validation
- Table/function allowlist
- SQL injection pattern detection
Response Validation
Outgoing responses are validated to prevent data leaks:
- Row count limits
- Column masking (SSN, email)
- Result schema validation
- Error response sanitization
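A minimal sketch of the two validation directions listed above, added here as an example and not the product's own code. The templates, table names, row limit and mask formats are constructed assumptions.

```python
import re

# Constructed policy for this example: each allowed template maps to the
# bind-parameter types it accepts and the result columns it may return.
POLICY = {
    "SELECT id, email, ssn FROM customers WHERE id = $1":
        {"params": (int,), "columns": ("id", "email", "ssn")},
    "SELECT id, total FROM orders WHERE customer_id = $1 AND total > $2":
        {"params": (int, float), "columns": ("id", "total")},
}
ALLOWED_TABLES = {"customers", "orders"}
MAX_ROWS = 2  # deliberately small so the sample data can exceed it
MASKS = {
    "ssn": lambda v: "***-**-" + v[-4:],
    "email": lambda v: v[0] + "***@" + v.split("@", 1)[1],
}

def normalize(sql):
    """Collapse whitespace and drop a trailing semicolon before matching."""
    return " ".join(sql.split()).rstrip(";").rstrip()

def validate_query(sql, params):
    """Incoming direction: return (allowed, reason)."""
    q = normalize(sql)
    # Inline value blocking: with $n placeholders removed, no literal may remain.
    if re.search(r"'|\b\d+\b", re.sub(r"\$\d+", "", q)):
        return False, "inline literal"
    tables = re.findall(r"\b(?:FROM|JOIN)\s+([A-Za-z_]\w*)", q, re.I)
    if not set(t.lower() for t in tables) <= ALLOWED_TABLES:
        return False, "table not allowed"
    rule = POLICY.get(q)
    if rule is None:
        return False, "no matching template"
    # Exact type match, so bool or str cannot stand in for int.
    if len(params) != len(rule["params"]) or any(
            type(p) is not t for p, t in zip(params, rule["params"])):
        return False, "parameter type mismatch"
    return True, "ok"

def validate_response(sql, columns, rows):
    """Outgoing direction: return (allowed, masked_rows_or_reason)."""
    rule = POLICY.get(normalize(sql))
    if rule is None or tuple(columns) != rule["columns"]:
        return False, "unexpected result schema"
    if len(rows) > MAX_ROWS:
        return False, "row limit exceeded"
    masked = [tuple(MASKS[c](v) if c in MASKS else v for c, v in zip(columns, row))
              for row in rows]
    return True, masked
```

The query check fails closed: a statement is forwarded only if it passes the literal, table and template checks and its parameters match the declared types exactly.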
Compliance Mapping
Our tests are aligned with industry standards and regulations.
ISO 27001
Controls for access control, cryptography, and operational security.
OWASP Top 10
Full coverage of OWASP Database Security risks including SQL injection.
BSI Grundschutz
IT baseline protection modules for database security.
BAIT/VAIT
Financial sector-specific requirements from BaFin.