All interactions between our web servers and database servers are carried out by Entity Framework which ensures that no SQL statements are written “by hand” and all values are parameterized. Also, we have applied SQL Database Threat Detection to capture any anomality.