There are few SQL vulnerabilities as commonly exploited as SQL injection. This form of database attack has destroyed companies and ruined careers, and is a constant challenge for database administrators. As a database professional, data is your greatest asset, and it is your responsibility to guard it above all else. SQL injection is not limited only to Dynamic SQL, but is a technique that can be applied to many areas of SQL Server. Therefore, understanding and defending against it are the most important priorities when considering SQL Server security.