1 / 17

Hands-on SQL Injection Attack and Defense

Hands-on SQL Injection Attack and Defense. Winter ICT Educator Conference Jan. 3-4, 2013. Bio. How Important is SQL Injection?.

shoshana-reynolds
Download Presentation

Hands-on SQL Injection Attack and Defense

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hands-on SQL Injection Attack and Defense Winter ICT Educator Conference Jan. 3-4, 2013

  2. Bio

  3. How Important is SQL Injection?

  4. SQL injection continues to reign as hackers' most consistently productive technique for stealing massive dumps of sensitive information within corporate databases. • In fact, according to analysis done by database security firm Imperva of breach events between 2005 and July of this year, 82 percent of lost data due to hacking was courtesy of SQL injection. • http://www.darkreading.com/database-security/167901020/security/news/240006491/hacktivists-continue-to-own-systems-through-sql-injection.html

  5. http://news.techworld.com/security/3331283/barclays-97-percent-of-data-breaches-still-due-to-sql-injection/http://news.techworld.com/security/3331283/barclays-97-percent-of-data-breaches-still-due-to-sql-injection/

  6. In 2008 SQL Injection became the leading method of malware distribution • 16 percent of websites are vulnerable to SQL Injection • http://jeremiahgrossman.blogspot.com/2009/02/sql-injection-eye-of-storm.html

  7. Are You Vulnerable?

  8. Example SQL Injection Vulnerability

  9. The Commands Used to Steal the Data

  10. Data Breach

  11. Hands-On SQL Injection Project • http://samsclass.info/124/proj11/SQLi-MPICT.htm

  12. Series of Projects

More Related