Article

Tips for SQL injection protection

Robert Westervelt, News Director

Microsoft recently identified tools to help software developers, security pros and others on the software development team serve up more secure code and defend against SQL injection attacks. Over

    Requires Free Membership to View

the last several months researchers have been tracking the attacks, which appear to be automated, using a number of hacker toolkits that can be purchased on the black market. In this podcast, Scott Matsumoto, a secure coding expert with Cigital Inc. explains the tools available and other ways companies can scan their Web-based software for errors that leave it vulnerable to attack.

  Tips for SQL injection protection: 

  Program Links: 

  • Microsoft identifies tools to address SQL injection attacks: On the heels of a tidal wave of SQL injection attacks in recent months, Microsoft issued an advisory to identify tools that could help stave off the attacks.

  • How to apply ISO 27002 to PCI DSS compliance: The Payment Card Industry Data Security Standard may be fairly straightforward, but it's lacking in defining the processes that will ultimately lead to PCI DSS compliance.

  • Microsoft tools won't be quick fix for SQL injection attacks: Microsoft's security advisory will help raise awareness about secure software coding, but it won't stop the onslaught of SQL injection attacks, experts say.

  • New wave of SQL injection attacks alarm researchers: Researchers are uncovering a wave of SQL injection attacks, suggesting that attackers are finding it easy to compromise new targets.

  • SQL injection attack infects hundreds of thousands of websites: Security experts are watching massive numbers of automated SQL injection attacks from Chinese domains. Attackers use simple search engine queries to build a list of targets.

  • Information Security podcasts: Visit SearchSecurity's podcast archive.


    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: