It’s been a while since I’ve posted around these parts.
I’ve been heads down working on a new project called Inject Detect, and I’m excited to announce that it’s officially open to the public!
The idea behind Inject Detect came after working with clients on a wide variety of projects, and observing that Meteor applications are often vulnerable to a type of attack called NoSQL Injection. Put simply, NoSQL Injection is when an attacker can gain control over queries executed against your MongoDB database.
What’s worse, there’s no good way of determining if NoSQL Injection attacks are being carried out against your application in production.
Inject Detect watches the structure of the queries being made by your application and notifies you if it detects any unexpected queries that might be the result of NoSQL Injection attacks.
If you’d like to learn more about NoSQL Injection or about how Inject Detect can help your application, check out a few articles I’ve written on the subject.
I’m interested to see what you think about this idea, and to learn more about how you protect your application from NoSQL Injection attacks!