While we might wish SQL injection was no longer a problem in our industry, multiple large breaches in 2017 alone reveals that it still is a problem. The largest among them was the Equifax breach, for which security researchers found a number of vulnerabilities in public facing web sites, which included sites vulnerable to SQL injection attacks.
In this webinar we’ll look at how a SQL injection attack works, what an attacker can gain using a SQL injection attack, and how we might prevent such an attack.
We’ll also look beyond Microsoft SQL Server, since the best layer for an attack is any layer that processes the input.
K. Brian Kelley is a SQL Server author, columnist, and Microsoft MVP focusing primarily on SQL Server and Windows security. In addition to being a database administrator, he has served as an infrastructure and security architect encompassing solutions with Citrix, virtualization, and Active Directory. Brian is also a Certified Information Systems Auditor (CISA) and has been the head of a financial organization’s computer incident response team. Brian is active in the IT community having spoken at DevConnections, SQL Saturdays, code camps, and user groups. He is also the President of the Midlands PASS Chapter, a Professional Association for SQL Server Chapter located in Columbia, SC.
Topics: Database Security Products: SQL Secure