Many web application firewalls rely on regular expressions to detect attacks on vulnerable web applications. A new tool developed by Etsy’s Nick Galbreath at Black Hat shows how regular expressions can be prone to breaking down and producing false positives. The tool converts input into a stream of tokens, disambiguates, merges strings together, does all the stuff it needs to do and then reduces false positives, he says. Using the tool is more lightweight and streamlines the process of analyzing user data.
Source: https://www.darkreading.com/database-security/simplifying-sql-injection-detection
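
The contrast described above, as an added example that is not from the article or from Galbreath's tool: a constructed keyword regex flags a harmless sentence, while tokenizing the input, merging adjacent strings and matching the resulting type fingerprint does not. The token letters, the `BAD` fingerprint set, the two-context check and all sample inputs are assumptions constructed for illustration.

```python
import re

# Constructed keyword rule of the kind a regex-only filter might use.
NAIVE_RULE = re.compile(r"\b(select|union|or|and)\b", re.I)

TOKEN_RE = re.compile(r"""
    (?P<str>'[^']*'?)          # string literal; closing quote may be missing
  | (?P<num>\d+(?:\.\d+)?)     # number
  | (?P<com>--.*|/\*.*)        # comment running to end of input
  | (?P<op>[=<>!]+|[-+*/|&])   # operator
  | (?P<word>[A-Za-z_]\w*)     # bare word, classified through WORD_TYPES
  | (?P<punct>[(),;])          # punctuation keeps its own character
""", re.X | re.S)

TYPE = {"str": "s", "num": "1", "com": "c", "op": "o"}
WORD_TYPES = {"or": "&", "and": "&", "union": "U", "select": "E",
              "from": "k", "where": "k"}
# Constructed fingerprints for three textbook injection shapes.
BAD = {"1&1o1", "s&sos", "1UEnk"}

def fingerprint(text, limit=5):
    """Return the type letters of the first `limit` tokens in `text`."""
    types = []
    for m in TOKEN_RE.finditer(text):
        kind = m.lastgroup
        if kind == "word":
            t = WORD_TYPES.get(m.group().lower(), "n")  # "n" = plain bare word
        elif kind == "punct":
            t = m.group()
        else:
            t = TYPE[kind]
        if t == "s" and types and types[-1] == "s":
            continue               # merge adjacent string literals into one
        types.append(t)
    return "".join(types[:limit])

def is_sqli(text):
    """Check the input as-is and as if it landed inside a quoted string."""
    return any(fingerprint(ctx + text) in BAD for ctx in ("", "'"))
```

The benign sentence in the test trips `NAIVE_RULE` on its keywords, but its token fingerprint matches no entry in `BAD`, so `is_sqli` returns `False` for it.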

