Injections 101: SQL and Beyond

Posted on

Length: 30 minutes
Rating: 1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Loading...

This introductory course will provide a basic understanding of SQL injection as a pattern of attack and a special case of an overall pattern of injection attacks. The course will explain how that pattern applies to Shell injection, LDAP, XML, JSON and other languages and domains. It will also provide strategies for preventing and fixing injections when testing them in an application.

The primary intended audiences for this course are architects, developers and testers who are either unfamiliar or only somewhat familiar with SQL injections and other injection attacks. Development managers and others in positions to set defect resolution priorities and make implementation solution decisions will also benefit from this material.

Acknowledgements: SAFECode would like to thank Adobe for donating the material that formed the basis for this course.

Copyright © 2007-2018 Software Assurance Forum for Excellence in Code (SAFECode) – All Rights Reserved
Board-Approved Privacy Policy