by Abel R
SQL injection is a technique to attack a database through a website. SQL injection attacks are when an attacker attempts to or succeeds in inserting their own code into a pre-existing query (e.g. a product search). The aim is to get the application to perform an action that is unexpected and usually of benefit to the attacker(Morgan 2006).
I liked this article because it relates to our class by teaching us the concepts of SQL injections and gives us tips on how to prevent such attacks. As we develop our databases we must keep in mind and consider how secure the database is. By doing so, we mitigate compromising the information of the user and at the same time protect the reputation of the company.
Morgan, D. (2006). Web application security – SQL injection attacks. Network Security, 2006(4), 4-5. doi:10.1016/S1353-4858(06)70353-1