The Open Web Application Security Project (OWASP) has periodically compiled and published (2013, 2017) the OWASP Top 10 The Ten Most Critical Web Application Security Risks. SQL Injection has remained the number one security risk for web applications for more than 6 years. It is the mechanism behind many high-profile internet attacks.

As a security consultant, what advice or recommendations would you give clients to help them understand the risk posed by SQL Injection and what countermeasures they may take or build into their web application development process to help avoid or mitigate the risk.