A security analyst notices that a web application is vulnerable to SQL injection. The application uses parameterized queries for most inputs but concatenates user input directly into a query for a legacy module. Which is the BEST immediate remediation?
Select one:
ISC2 often tests the misconception that a WAF or input validation is sufficient to prevent SQL injec...