24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them by John Viega, David LeBlanc, Michael Howard

SIN 1: SQL Injection

OVERVIEW OF THE SIN

SQL injection is a very serious code defect that can lead to machine compromises, the disclosure of sensitive data, and, more recently, the spread of malicious software. What’s really worrying is that the systems affected by such vulnerabilities are often e-commerce applications or applications handling sensitive data or personally identifiable information (PII); and, from the authors’ experience, many in-house or line-of-business database-driven applications have SQL injection bugs.

Allow us to be, hopefully, abundantly clear about the potential for havoc. If you build applications that communicate with databases and your code has one or more SQL injection vulnerabilities (whether you know it or not!), you are putting ...
