An important aspect of database security is designing your applications to avoid SQL injection attacks. SQL injection is a form of web hacking whereby SQL statements are specified in the fields of a ...

How to Tame SQL Injection As part of its Secure by Design initiative, CISA urged companies to redouble efforts to quash SQL injection vulnerabilities. Here's how.

[The following is excerpted from "Anatomy Of A SQL Injection Attack," a new report posted this week on Dark Reading's Database Security Tech Center.] It started with a vulnerability on a password ...

He also urged website operators to "check your applications and make sure that they are not vulnerable" to SQL injection vulnerabilities.

Tools are available that allow attackers to quickly check home-grown and third-party Web applications for SQL injection vulnerabilities, Wysopal said.

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws.