Prevent Complete SQL Injection

Voice of the DBA - A podcast by Steve Jones

Categories:

I would hope most of you reading this know what SQL Injection (SQi) is and how you can prevent it. Or at least what patterns cause problems. If not, here's a short explanation that is worth reading. If you have more questions, ask in our forums. SQL Injection has been, and continues to be, a problem in many systems. In fact, I chatted with Mike Walsh recently after he'd published this post on an attack for one of his clients. He has some notes that explain how your database server might be vulnerable, as well as a description of a recent attack example. He also notes that many of you are responsible for protecting data, which is separate from other security mechanisms. You need to be sure you are protecting your data, even in vendor applications. Read the rest of Prevent Complete SQL Injection