The demonstrations for this session will carry on from where we left off at KScope13, demonstrating the powerful attacks that are possible through exploitation of SQL Injection vulnerabilities. We will present the common SQL Injection flaws that arise in real-world applications, summarised from our year of security reviews of client APEX applications. The correct secure coding practice will be explained so that such SQL Injection issues can be prevented.
The presentation is structured as follows:
- Introduction
- General explanation of SQL Injection
- Demonstration 1 - Exploitation of SQL Injection in APEX
- Secure coding practice, to defend against SQL Injection
- Review of SQL Injection vulnerabilities observed in client applications
- Demonstration 2 - Exploitation of SQL Injection in APEX
- Summary and Questions
The key information for attendees is that simple secure coding patterns can fully protect against SQL Injection. Attendees should also realise the impact of SQL Injection in a skilled attacker’s hands.