Computerworld

Beyond stored procedures: Defense-in-depth against SQL injection

SPI Dynamics – A few years ago, mentioning the phrase “SQL injection” to developers would probably get you blank stares. Today, while more developers have heard of SQL injection 1 attacks and know the ...
Dark Reading

A Weapon Against SQL Injection

The single most common database security inquiry I get is, "What's this whole stored procedure parameter thing, and how does it help with SQL injection?"With the Albert Gonzales hearings under way, ...
Security

Cybersecurity Awareness Month: How to mitigate an SQL Injection Attack

In response to this, the application security SaaS company Indusface has detailed the potential financial impact of SQL Injection attacks on businesses. Additionally, they offer best practices to help ...
Dark Reading

Myth-Busting SQL- And Other Injection Attacks

While different security researchers may haggle over the exact ranking of SQL injection attacks compared to other common maladies, such as XSS and CSRF, few would deny that SQLi and its other ...
BizTech

A Guide to Combatting SQL Injection Attacks

SQL injection attacks are among the oldest exploits against web applications, dating back more than a decade. Sadly, despite the fact that it is fairly easy to defend against these injection attacks, ...
Houston Chronicle

Stored Procedures Vs. Prepared Statements in PHP and MySQL

The PHP development language provides you with a "prepare" function to send a prepared statement to a SQL database. You can use full, inline SQL statements in the prepared statement function or send ...