I need to know how webMethods makes sure to be protected against code and html inserts and SQL injections but I cant find this information anywhere. I find information about API Gateway Server policies but Im not using this feature (I think).
Im just using CAF and Portlets from UI and Tasks, IS for services and adapters from sql transactions.
I read the webMethods Adapter for JDBC Installation and User’s Guide and only say we should not use Dynamic SQL adapter by potencial security risks on sql injection.
Where does webMethods establish its security development policies?