SQL Injection: From the Basics to Botnet-Based Attack Automation

SQL Injection is an enormous emerging data security threat, used to commit wide-scale fraud, steal from bank accounts, capture credit card numbers, distribute malware, and construct botnets. Neil Daswani reviews how SQL Injection works, provides examples of advanced and automated SQL injection attacks, outlines how to properly defend against attacks, and discusses why you must defend against them — even if you don’t store “sensitive” information in your databases.

Presenter: Neil Daswani has held R&D, teaching and managerial roles at Google, Stanford University, DoCoMo USA Labs, Yodlee, and Bellcore (now Telcordia). He is an expert in data security, and the lead author of “Foundations of Security: What Every Programmer Needs to Know.”

Language: English

Date: Jun 19, 2008

Get Presentation

(Free Registration Required)