Chapter 8. Securely Accessing Databases
At some point, it is likely your Web application will need to use a database. And, as soon as you introduce a database, you introduce a new a set of potential vulnerabilities.
In this chapter you will learn about the following:
How simple data queries can expose your data
How to safely query databases
How to secure your SQL Server database
Because this book is firmly focused on ASP.NET and the Microsoft technology stack, the SQL injection attacks are demonstrated on Microsoft SQL Server. However, nearly all database servers are vulnerable to injection attacks. The mitigations in this chapter are equally applicable to Oracle, PostgreSQL, and, to a lesser ...
Get Beginning ASP.NET Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.