Many applications, whether Web-based or forms-based ("smart client")
applications, use data stored in a database. Even with firewalls and other
protections in place around your application, the application itself can
still give an attacker direct (or indirect) access to the information in your
database. The most common and dangerous such attack technique is SQL
injection.

SQL injection occurs when an attacker is able to insert a series of SQL
statements into a "query" by manipulating the data input into an application.
This can happen because the data input is not checked or "sanitized" before it
is passed to the database. All it takes is one input point through your
application that can allow an attacker to retrieve sensitive and priva...
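As an added illustration that is not part of the original article (constructed sample data in Python's sqlite3 module; the users table, usernames and function names are hypothetical): the same lookup written with string concatenation, so attacker-controlled input is parsed as part of the SQL statement, beside the parameterized form that binds the input as a value, with an input-shape check as a second layer.

```python
import re
import sqlite3

# Constructed in-memory sample database (not from the original article).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [
        ("alice", "alice@example.com"),
        ("bob", "bob@example.com"),
    ])
    return conn

def lookup_vulnerable(conn, username):
    # Input is concatenated straight into the statement, so whatever the
    # caller supplies becomes SQL grammar rather than a compared value.
    sql = ("SELECT username FROM users WHERE username = '" + username + "'"
           " ORDER BY username")
    return [row[0] for row in conn.execute(sql)]

def lookup_parameterized(conn, username):
    # The placeholder binds the input as data; the database never parses it
    # as SQL, so quotes or keywords in it cannot change the query's shape.
    sql = "SELECT username FROM users WHERE username = ? ORDER BY username"
    return [row[0] for row in conn.execute(sql, (username,))]

# Defence in depth: accept only the shape a username is expected to have,
# before the value reaches any query at all. (Hypothetical policy.)
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")

def is_valid_username(username):
    return USERNAME_RE.fullmatch(username) is not None

def lookup_checked(conn, username):
    if not is_valid_username(username):
        raise ValueError("username contains characters outside the allowed set")
    return lookup_parameterized(conn, username)
```

Running the two lookups on the same crafted input shows the difference: the concatenated query returns every row, while the parameterized one returns nothing because no user is literally named that.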